CVE-2023-3486

Name of the Vulnerable Software and Affected Versions PaperCut NG versions 22.0.12 and prior

Description An authentication bypass exists that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.

Recommendations For versions 22.0.12 and prior, update to a version later than 22.0.12 to resolve the issue. As a temporary workaround, consider restricting access to the file storage to minimize the risk of exploitation.