PaperCut NG/MF Path Traversal (CVE-2023-39143)
Description
PaperCut NG and MF versions prior to 22.1.3 contain a critical path traversal vulnerability that allows unauthenticated remote attackers to bypass file access restrictions. Attackers can exploit this flaw to read sensitive files, delete critical system files, or upload malicious files to arbitrary locations on the server, potentially leading to complete system compromise.
Remediation
1. Immediately upgrade PaperCut NG or MF to version 22.1.3 or later, which fixes this vulnerability.
2. If immediate patching is not possible, restrict network access to the PaperCut application server using firewall rules to allow only trusted IP addresses.
3. Monitor server logs for suspicious file access patterns, unusual file uploads, or path traversal attempts (look for patterns containing '../' or encoded equivalents).
4. After upgrading, conduct a security audit to verify no unauthorized files were uploaded and no sensitive data was accessed during the vulnerability window.
5. Review and rotate any credentials or API keys that may have been exposed through configuration file access.
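A defender-side check for remediation step 3, written here as an added example (not PaperCut's code): it parses constructed access-log lines, percent-decodes each request path repeatedly so that URL-encoded, double-encoded and backslash variants of '../' are all caught, and reports the matching requests with their response status for the audit in step 4. The log format and request paths are assumptions for illustration only.

```python
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample access-log lines (combined-log style). The paths are
# illustrative only and are not PaperCut's actual endpoints.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Aug/2023:10:01:02 +0000] "GET /app/resources/logo.png HTTP/1.1" 200 512
203.0.113.9 - - [12/Aug/2023:10:01:07 +0000] "GET /app/files/../../etc/passwd HTTP/1.1" 200 1024
203.0.113.9 - - [12/Aug/2023:10:01:09 +0000] "GET /app/files/%2e%2e%2f%2e%2e%2fserver.properties HTTP/1.1" 200 2048
203.0.113.9 - - [12/Aug/2023:10:01:11 +0000] "GET /app/files/..%252f..%252fconfig.xml HTTP/1.1" 200 900
198.51.100.4 - - [12/Aug/2023:10:02:30 +0000] "POST /app/upload/report.pdf HTTP/1.1" 200 10
10.0.0.7 - - [12/Aug/2023:10:03:00 +0000] "GET /app/files/..%5c..%5cwin.ini HTTP/1.1" 404 0
"""

# <ip> - - [<timestamp>] "<method> <path> <protocol>" <status> ...
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# A ".." segment bounded by slashes (after normalization) is a traversal attempt.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')

def normalize_path(path: str, rounds: int = 3) -> str:
    """Percent-decode until stable (catches %2e%2e%2f and double-encoded %252e),
    then fold backslashes into forward slashes so ..\\ variants are caught too."""
    decoded = path
    for _ in range(rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")

def find_traversal_attempts(log_text: str) -> List[Dict]:
    """Return one record per request whose decoded path contains a '..' segment."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        norm = normalize_path(m["path"])
        if TRAVERSAL_RE.search(norm):
            hits.append({"ip": m["ip"], "method": m["method"], "path": m["path"],
                         "normalized": norm, "status": int(m["status"])})
    return hits

if __name__ == "__main__":
    for h in find_traversal_attempts(SAMPLE_LOG):
        # A 2xx status on a traversal path deserves priority during the audit (step 4).
        flag = "SUCCEEDED" if 200 <= h["status"] < 300 else "blocked"
        print(f'{h["ip"]} {h["method"]} {h["path"]} -> {h["normalized"]} [{flag}]')
```

Feed it the web server's real access log in place of SAMPLE_LOG; a 2xx response on a normalized path that escapes the application root is the strongest signal that the window of exposure was actually used.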