PT-2024-18202 · Papercut · Papercut Ng

Published

2024-03-14

Updated

2024-06-18

CVE-2024-1654

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PaperCut NG versions (affected versions not specified)

Description This issue potentially allows unauthorized write operations, which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-183

Related Identifiers

CVE-2024-1654

ZDI-24-781

Affected Products

Papercut Ng

PT-2024-18202 · Papercut · Papercut Ng

CVE-2024-1654

Weakness Enumeration

Related Identifiers

Affected Products

References · 7