CVE-2024-8404

Name of the Vulnerable Software and Affected Versions: PaperCut NG/MF versions (affected versions not specified)

Description: The issue is related to an arbitrary file deletion vulnerability in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. This vulnerability can be exploited by an attacker who obtains local login access to the Windows Server hosting PaperCut NG/MF and can execute low-privilege code directly on the server via the web-print-hot-folder. The risk is mitigated in most installations by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.

Recommendations: As a temporary workaround, consider restricting access to the web-print-hot-folder to minimize the risk of exploitation. Restrict local login access to Administrators only on the Windows Server hosting PaperCut NG/MF. Avoid allowing non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server. At the moment, there is no information about a newer version that contains a fix for this vulnerability.