216.73.216.215

CVE-2024-8405

· Published 26/09/2024 02:15 · Modified 03/10/2024 00:51

Labels: CVE-2024-8405 2024-09-26CVE-2024-8405CWE-77eb41dac7-0af8-4f84-9f6d-0272772514f4

Essential information

Published
26/09/2024 02:15
Modified
03/10/2024 00:51
Author
Creator
CVSS
5.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack. Note: This CVE has been split from CVE-2024-4712.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
eb41dac7-0af8-4f84-9f6d-0272772514f4
NVD
View on NVD

Affected products (CPE)

ProductCPE
papercut / papercut mf cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*
papercut / papercut ng cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*

References