CVE-2023-39143: Path Traversal
First published: Fri Aug 04 2023(Updated: )
PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Papercut Papercut Mf | <22.1.3 | |
| Papercut Papercut Ng | <22.1.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-39143?
CVE-2023-39143 is a vulnerability that affects PaperCut NG and PaperCut MF versions prior to 22.1.3 on Windows, allowing path traversal and enabling attackers to upload, read, or delete arbitrary files, leading to remote code execution.
How severe is CVE-2023-39143?
CVE-2023-39143 has a severity rating of 9.8 (Critical).
Which software versions are affected by CVE-2023-39143?
PaperCut NG and PaperCut MF versions prior to 22.1.3 on Windows are affected by CVE-2023-39143.
How can attackers exploit CVE-2023-39143?
Attackers can exploit CVE-2023-39143 by using path traversal to upload, read, or delete arbitrary files, leading to potential remote code execution.
Where can I find more information about CVE-2023-39143?
You can find more information about CVE-2023-39143 at the following references: [Reference 1](https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/) and [Reference 2](https://www.papercut.com/kb/Main/securitybulletinjuly2023/).
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/papercut
- canonical/papercut papercut mf
- canonical/papercut papercut ng
- vendor/microsoft
- canonical/microsoft windows