Please see below URGENT information in relation to PaperCut.
PaperCut Exploitation of CVE-2023-27351 and CVE-2023-27350
On April 19th, PaperCut reported active, in the wild exploitation against vulnerable versions of their software including version 8.0 and above, and prior to 20.1.7, 21.2.11, or 22.0.9.
These threats have been identified via the Zero Day Initiative as ZDI-CAN-19226 (CVE-2023-27351) and ZDI-CAN-18987 (CVE-2023-27350).
In relation to CVE-2023-27351 and CVE-2023-27350, Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class.
…”Our immediate advice is to upgrade your PaperCut Application Servers to one of the fixed versions listed below if you haven’t already.”…
- Versions 8.0 and above, and prior to 20.1.7, 21.2.11, or 22.0.9.
Mitigation/ Remediation Strategies
Install the updated software version immediately.
The upgrade procedure is linked here for your reference:
If you are concerned that a PaperCut Application server may have been compromised please reach out to us, so that we can determine if Post exploit activities have been undertaken.
For those with Vulnerability Scanning tools available, we recommend that scan results and versions be reviewed immediately.