CVE-2024-8404 – Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder
https://notcve.org/view.php?id=CVE-2024-8404
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder. Important: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server. Note: This CVE has been split from CVE-2024-3037. • https://www.papercut.com/kb/Main/Security-Bulletin-May-2024 • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2024-8405 – Arbitrary File Creation in PaperCut NG/MF Web Print leading to a Denial of Service attack
https://notcve.org/view.php?id=CVE-2024-8405
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack. Note: This CVE has been split from CVE-2024-4712. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of PaperCut NG. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the pc-web-print service. • https://www.papercut.com/kb/Main/Security-Bulletin-May-2024 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-4712 – Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler
https://notcve.org/view.php?id=CVE-2024-4712
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This vulnerability requires local login/console access to the PaperCut NG/MF server (e.g., member of a domain admin group). • https://www.papercut.com/kb/Main/security-bulletin-may-2024 https://www.papercut.com/kb/Main/Security-Bulletin-May-2024 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-3037 – Arbitrary File Deletion in PaperCut NG/MF Web Print
https://notcve.org/view.php?id=CVE-2024-3037
An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This vulnerability requires local login/console access to the PaperCut NG/MF server (e.g., member of a domain admin group). • https://www.papercut.com/kb/Main/security-bulletin-may-2024 https://www.papercut.com/kb/Main/Security-Bulletin-May-2024 • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2024-1884 – Server Side Request Forgery in PaperCut NG/MF
https://notcve.org/view.php?id=CVE-2024-1884
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PaperCut MF. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pc-upconnector-service service, which listens on TCP port 9151 by default. The issue results from the lack of proper validation of a URI prior to accessing resources. • https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 • CWE-918: Server-Side Request Forgery (SSRF)