Share 
## https://sploitus.com/exploit?id=SAINT:648936FBB2CAC7D3895D33C618D275A9
Added: 05/12/2023  


### Background

PaperCut is print management software. It includes a web interface written in Java. 

### Problem

An authentication bypass vulnerability in the `**SetupCompleted**` class allows a remote, unauthenticated attacker to execute arbitrary code in the context of SYSTEM. 

### Resolution

Upgrade to PaperCut MF or NG 20.1.7, 21.2.11, or 22.0.9 or higher (build 65657 or higher). 

### References

https://www.papercut.com/kb/Main/PO-1216-and-PO-1219   
https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/   


### Platforms

Windows