cve/2023/CVE-2023-4568.md

### [CVE-2023-4568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4568)
![](https://img.shields.io/static/v1?label=Product&message=PaperCut%20NG&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen)

### Description

PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.

### POC

#### Reference
- https://www.tenable.com/security/research/tra-2023-31

#### Github
- https://github.com/nomi-sec/PoC-in-GitHub
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-4568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4568)`
			`![](https://img.shields.io/static/v1?label=Product&message=PaperCut%20NG&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen)`

			`### Description`

			`PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.`

			`### POC`

			`#### Reference`
			`- https://www.tenable.com/security/research/tra-2023-31`

			`#### Github`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/nomi-sec/PoC-in-GitHub`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00