Share
## https://sploitus.com/exploit?id=SAINT:265661B74BC72F0361AE7BB83EAC4EA3
Added: 05/12/2023  


### Background

[PaperCut](<https://www.papercut.com/>) is print management software. It includes a web interface written in Java. 

### Problem

An authentication bypass vulnerability in the `**SetupCompleted**` class allows a remote, unauthenticated attacker to execute arbitrary code in the context of SYSTEM. 

### Resolution

[Upgrade](<https://www.papercut.com/kb/Main/Upgrading>) to PaperCut MF or NG 20.1.7, 21.2.11, or 22.0.9 or higher (build 65657 or higher). 

### References

<https://www.papercut.com/kb/Main/PO-1216-and-PO-1219>  
<https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/>  


### Platforms

Windows