Authentication Bypass Vulnerability in PaperCut NG Allows Arbitrary File Upload
CVE-2023-3486 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.
Learn more about our Web Application Penetration Testing UK.