PT-2023-2485 · Unknown · Papercut Ng

Chudypb

Publicado

2023-03-14

Atualizado

2026-04-24

CVE-2023-27351

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:P/A:N

Name of the Vulnerable Software and Affected Versions PaperCut NG version 22.0.5 (Build 63914)

Description This issue allows remote attackers to bypass authentication on affected installations. The flaw exists within the SecurityRequestFilter class due to improper implementation of the authentication algorithm. An attacker can leverage this to bypass authentication on the system.

Recommendations For PaperCut NG version 22.0.5 (Build 63914), consider disabling the SecurityRequestFilter class as a temporary workaround until a patch is available. Restrict access to sensitive areas of the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-287

Identificadores relacionados

BDU:2023-02276

CVE-2023-27351

ZDI-23-232

Produtos afetados

Papercut Ng

PT-2023-2485 · Unknown · Papercut Ng

CVE-2023-27351

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 34