PaperCut NG Unauthenticated XMLRPC Functionality | allinfosecnews.com

Sept. 13, 2023, 8:02 p.m. | Jimi Sebree

Tenable Research Advisories www.tenable.com

PaperCut NG Unauthenticated XMLRPC Functionality

Insufficient access controls for XMLRPC operations exist in PaperCut NG. Versions 22.0.12 and earlier are confirmed vulnerable. Later versions may also be affected due to lack of a vendor-supplied patch.

Access to XMLPRC operations in PaperCut NG are controlled by various allowed IP lists. By default many allowed IP lists (i.e., auth.providers.allowed-addresses) are configured to be a wildcard, which allows an unauthenticated remote attacker to issue XMLPRC calls.

Proof of Concept

// Add a printer; …

access access controls controls default lists may operations papercut patch unauthenticated vendor vulnerable

More from www.tenable.com / Tenable Research Advisories

Approach.App Multiple Vulnerabilities 1 week, 6 days ago | www.tenable.com

app application exploitation management +9

Karros Technologies Authentication Bypass 1 week, 6 days ago | www.tenable.com

authentication authentication bypass bypass technologies

Ivanti Avalanche WLAvalancheService.exe Unauthenticated Heap-based Buffer Overflow 2 weeks, 1 day ago | www.tenable.com

avalanche big buffer buffer overflow +12

Path Traversal Affecting Multiple CData Products 3 weeks, 6 days ago | www.tenable.com

application attachment cookie date +14

LG LED Assistant v2.1.65 Multiple Vulnerabilities 1 month ago | www.tenable.com

assistant led vulnerabilities

Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities 1 month, 2 weeks ago | www.tenable.com

arcserve data data protection protection +1

Microsoft Azure Synapse Analytics - Privilege Escalation via Vegas Caching Service 1 month, 3 weeks ago | www.tenable.com

analytics azure azure synapse caching +8

Showdownjs Denial of Service 2 months ago | www.tenable.com

can command concept conditions +17

Missing Authentication for Critical Function in Adobe FrameMaker Publishing Server (FMPS) 2 months, 2 weeks ago | www.tenable.com

accesstoken admin adobe authentication +9

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India

View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote

View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC

View on infosec-jobs.com