The vulnerable software is PaperCut NG, specifically version 22.0.5 (Build 63914). This version is affected by an improper access control flaw in the SetupCompleted class, which allows remote attackers to bypass authentication and execute arbitrary code in the context of SYSTEM.

An exploit for this issue exists and has been used by malicious software such as LockBit and Clop.

The issue can be exploited without requiring authentication, making it a significant concern for users of the affected software.

There are approximately 4,929 results related to this vulnerability on ZoomEye, indicating a potentially large number of affected systems.

More information about the exploit can be found on various online platforms, including Reddit and TryHackMe.

https://www.reddit.com/r/netsec/comments/12xc9r7/papercut cve202327350 deep dive indicators of/

#PaperCut #RemoteCodeExecution #ImproperAccessControl #Cybersecurity #TryHackMe #Exploit #LockBit #Clop #ZoomEye