CVE-2024-1654: Unauthorized write operations in PaperCut NG/MF
First published: Thu Mar 14 2024(Updated: )
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.
Credit: eb41dac7-0af8-4f84-9f6d-0272772514f4
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PaperCut MF | ||
| All of | ||
| Any of | ||
| PaperCut NG/MF | <20.1.10 | |
| PaperCut NG/MF | >=21.0.0<21.2.14 | |
| PaperCut NG/MF | >=22.0.0<22.1.5 | |
| PaperCut NG/MF | >=23.0.1<23.0.7 | |
| PaperCut NG/MF | <20.1.10 | |
| PaperCut NG/MF | >=21.0.0<21.2.14 | |
| PaperCut NG/MF | >=22.0.0<22.1.5 | |
| PaperCut NG/MF | >=23.0.1<23.0.7 | |
| Any of | ||
| Apple macOS | ||
| Linux Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/papercut
- canonical/papercut ng/mf
- version/papercut ng/mf/21.0.0
- version/papercut ng/mf/22.0.0
- version/papercut ng/mf/23.0.1
- vendor/apple
- canonical/apple macos
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows