CVE-2023-3486

8.2 HIGH

📋 TL;DR

An authentication bypass vulnerability in PaperCut NG allows unauthenticated remote attackers to upload arbitrary files to the server's storage. This can lead to denial of service by exhausting system resources. Affects PaperCut NG versions 22.0.12 and earlier.

💻 Affected Systems

Products:
  • PaperCut NG
Versions: 22.0.12 and prior
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. PaperCut MF is not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption through resource exhaustion, potentially enabling further attacks via file uploads if combined with other vulnerabilities.

🟠 Likely Case

Denial of service causing PaperCut NG to become unresponsive, disrupting print management services.

🟢 If Mitigated

Minimal impact with proper network segmentation and access controls limiting exposure.

🌐 Internet-Facing: HIGH - Unauthenticated remote exploitation makes internet-facing instances extremely vulnerable.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit, but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests can trigger the vulnerability. Public exploit code is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 22.0.13 or later

Vendor Advisory: https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/

Restart Required: Yes

Instructions:

1. Download PaperCut NG version 22.0.13 or later from the PaperCut website.
2. Back up the current installation.
3. Run the installer to upgrade.
4. Restart the PaperCut services.

🔧 Temporary Workarounds

Network Access Restriction (Platforms: all)

Restrict network access to the PaperCut NG administration interface to trusted IPs only.

Configure firewall rules to limit access to the PaperCut NG ports (typically 9191, 9192).

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate PaperCut NG from untrusted networks
  • Monitor system resources and file upload activities for unusual patterns

🔍 How to Verify

Check if Vulnerable:

Check the PaperCut NG version in the administration interface under Help > About. If the version is 22.0.12 or earlier, the system is vulnerable.

Check Version:

On Windows: sc query PaperCutNG | findstr DisplayName
On Linux: ps aux | grep papercut

Verify Fix Applied:

Verify that the version shown under Help > About is 22.0.13 or later. Then confirm that unauthenticated requests to the file upload functionality are rejected.
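The version check above can be scripted across a fleet. The following is an added example (not code from the page or from PaperCut) that parses a version string as it might be copied from Help > About or from process output, compares it against the fixed release 22.0.13 stated in this advisory, and honours the note that PaperCut MF is not affected. The input formats, including the "(Build NNNNN)" suffix, are assumptions; the sample strings are constructed.

```python
import re

# Fixed release from the advisory; any PaperCut NG version below this is in
# the affected range (22.0.12 and earlier).
FIXED_VERSION = (22, 0, 13)


def parse_version(text):
    """Return the first dotted x.y.z version in `text` as an int tuple.

    Accepts plain strings such as "22.0.12" as well as strings with trailing
    build information, e.g. "22.0.12 (Build 12345)" (assumed format).
    """
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def is_vulnerable(product, version_text):
    """True when `product` is PaperCut NG at 22.0.12 or earlier.

    PaperCut MF is not affected per the advisory, so it always returns False.
    """
    if product.strip().lower() != "papercut ng":
        return False
    return parse_version(version_text) < FIXED_VERSION


def assess(inventory):
    """Map hostname -> vulnerable flag for a list of (host, product, version).

    `inventory` is a constructed asset list; in practice it would be fed from
    an asset database or the outputs of the commands listed above.
    """
    return {host: is_vulnerable(product, ver) for host, product, ver in inventory}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("print01", "PaperCut NG", "22.0.12 (Build 12345)"),
        ("print02", "PaperCut NG", "22.0.13"),
        ("print03", "PaperCut NG", "21.2.10"),
        ("print04", "PaperCut MF", "22.0.12"),
    ]
    for host, vulnerable in assess(sample).items():
        print(f"{host}: {'VULNERABLE' if vulnerable else 'ok'}")
```

Tuple comparison is used deliberately: a plain string comparison would rank "22.0.9" above "22.0.13", which is exactly the kind of off-by-version mistake that leaves a host unpatched.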

📡 Detection & Monitoring

Log Indicators:

  • Unusual file upload activities from unauthenticated sources
  • Resource exhaustion alerts
  • Failed authentication attempts followed by file uploads

Network Indicators:

  • HTTP POST requests to file upload endpoints from unauthenticated sources
  • Unusual traffic patterns to PaperCut NG ports

SIEM Query:

source="papercut-ng" AND ((event="FILE_UPLOAD" AND user="anonymous") OR resource_usage > 90)
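To make the SIEM logic concrete, here is an added example (not from the page or from PaperCut) that applies the same two conditions to JSON log records: an anonymous file-upload event, or resource usage above 90 percent, both scoped to the papercut-ng source. The field names source, event, user and resource_usage are taken from the query; the record format, the HEALTH event name and the sample lines are constructed assumptions. The grouping matters: the resource-usage clause is only evaluated for papercut-ng records, so a noisy host from another source does not fire this rule.

```python
import json

# Constructed sample log lines (not real PaperCut output). Field names follow
# the SIEM query in this advisory; "HEALTH" is an assumed event name.
SAMPLE_LINES = [
    '{"source": "papercut-ng", "event": "FILE_UPLOAD", "user": "anonymous", "path": "/x.bin"}',
    '{"source": "papercut-ng", "event": "FILE_UPLOAD", "user": "alice"}',
    '{"source": "papercut-ng", "event": "HEALTH", "resource_usage": 95}',
    '{"source": "papercut-ng", "event": "HEALTH", "resource_usage": "91%"}',
    '{"source": "papercut-ng", "event": "HEALTH", "resource_usage": 40}',
    '{"source": "other-app", "event": "FILE_UPLOAD", "user": "anonymous"}',
    '{"source": "other-app", "event": "HEALTH", "resource_usage": 99}',
    'not json at all',
]

RESOURCE_THRESHOLD = 90.0


def _pct(value):
    """Normalise a resource_usage field that may be numeric or a '91%' string."""
    if isinstance(value, (int, float)):
        return float(value)
    if isinstance(value, str):
        try:
            return float(value.strip().rstrip("%"))
        except ValueError:
            return 0.0
    return 0.0


def classify(rec):
    """Return the alert reason for one record, or None if it does not match.

    Mirrors: source="papercut-ng" AND ((FILE_UPLOAD AND anonymous) OR usage > 90)
    """
    if rec.get("source") != "papercut-ng":
        return None
    if rec.get("event") == "FILE_UPLOAD" and rec.get("user") == "anonymous":
        return "anonymous_upload"
    if _pct(rec.get("resource_usage")) > RESOURCE_THRESHOLD:
        return "resource_exhaustion"
    return None


def find_hits(lines):
    """Parse JSON lines, skip malformed ones, and return (reason, record) pairs."""
    hits = []
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # unparseable line: ignore rather than crash the pipeline
        reason = classify(rec)
        if reason is not None:
            hits.append((reason, rec))
    return hits


if __name__ == "__main__":
    for reason, rec in find_hits(SAMPLE_LINES):
        print(f"{reason}: {rec}")
```

An anonymous upload is alerted on individually rather than thresholded, because after patching to 22.0.13 or later an unauthenticated upload should not succeed at all, so a single occurrence is worth a look.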
