PT-2025-35658 · Papercut · Papercut Print Deploy
Maximilian Platzner
+2
·
Published
2025-09-03
·
Updated
2025-09-03
·
CVE-2025-9785
CVSS v4.0
7.7
High
| Vector | AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
PaperCut Print Deploy (affected versions not specified)
Description
PaperCut Print Deploy, an optional component integrated with PaperCut NG/MF, is susceptible to man-in-the-middle attacks if not correctly configured with a trusted certificate. Insufficient documentation regarding SSL configuration may lead to misconfiguration of the client installation, potentially exposing communication between clients and the server.
Recommendations
Use valid certificates to secure installations.
Follow the updated documentation to ensure correct SSL configuration.
If using private CAs or self-signed certificates, ensure the Certification Authority certificate, or the self-signed certificate if using only one, is copied to the operating system's trust store and the Java key store.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Papercut Print Deploy