04.20.2023

Papercut MF & NG Active Exploit

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 04/20/2023

Action Level - Critical

Description

Papercut is reporting that two previously reported vulnerabilities, including one with critical severity, are now being exploited by attackers. These vulnerabilities can allow an unauthenticated attacker to perform Remote Code Execution on a Papercut server. As this is being actively exploited, Papercut recommends immediate patching as well as investigation into whether your servers may have been compromised.

Affected Versions

  • Papercut MF and NG - Application and Site Servers

Attack Vector

This exploit can be performed remotely and without authentication.

Attack Feasibility 

An exploit currently exists in the wild.

Remediation

Update to a fixed release (see above)

Vendor Resources

Vendor Advisory (Includes update info and recommendations on exploit detection)

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC