PaperCut NG and PaperCut MF prior to 22.1.3 on Windows allow path traversal, enabling malicious users to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
papercut papercut_mf |
||
papercut papercut_ng |