Vulnerability Description
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Papercut | Papercut Mf | < 20.1.10 |
| Papercut | Papercut Ng | < 20.1.10 |
| Apple | Macos | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.papercut.com/kb/Main/Security-Bulletin-March-2024Vendor Advisory
- https://www.papercut.com/kb/Main/Security-Bulletin-March-2024Vendor Advisory
FAQ
What is CVE-2024-1654?
CVE-2024-1654 is a vulnerability with a CVSS score of 7.2 (HIGH). This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal ...
How severe is CVE-2024-1654?
CVE-2024-1654 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-1654?
Check the references section above for vendor advisories and patch information. Affected products include: Papercut Papercut Mf, Papercut Papercut Ng, Apple Macos, Linux Linux Kernel, Microsoft Windows.