Metasploit modules that can be used to exploit Papercut products
-
PaperCut PaperCutNG Authentication Bypass
Disclosure Date: 2023-03-13First seen: 2023-09-11exploit/multi/http/papercut_ng_auth_bypassThis module leverages an authentication bypass in PaperCut NG. If necessary it updates Papercut configuration options, specifically the 'print-and-device.script.enabled' and 'print.script.sandboxed' options to allow for arbitrary code execution running in the builtin RhinoJS engine. This module logs at most 2 events in the application log of papercut. Each event is tied to modifcation of server settings. Authors: - catatonicprime
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details