CVE-2023-39143

CRITICAL · EXPLOITED · NUCLEI

PaperCut NG/MF <22.1.3 - Path Traversal

Title source: llm

Exploitation Summary

CVE-2023-39143 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including foregenix. A Nuclei detection template is also available.

AI-analyzed exploit summary: The repository contains a functional WebDAV crawler exploit for CVE-2023-39143, targeting PaperCut MF/NG. The script performs directory traversal and information leakage by crawling WebDAV paths to extract sensitive data, including user information.

Description

PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration).

Exploits (1)

nomisec WORKING POC
by foregenix · poc
https://github.com/foregenix/CVE-2023-39143

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: PaperCut MF/NG
Auth required
Prerequisites: Valid credentials for PaperCut WebDAV access · Network access to the PaperCut server
devstral-2 · analyzed Feb 19, 2026

Nuclei Templates (1)

PaperCut < 22.1.3 - Path Traversal
CRITICAL · VERIFIED · by pdteam
Shodan: html:"content=\"PaperCut\"" || http.html:"papercut" || http.html:"content=\"papercut\"" || cpe:"cpe:2.3:a:papercut:papercut_mf"
FOFA: body="papercut" || body="content=\"papercut\""

Scores

CVSS v3: 9.8
EPSS: 0.7870
EPSS Percentile: 99.5%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

VulnCheck KEV: 2025-10-17
CWE: CWE-22
Status: published
Products (2):
papercut/papercut_mf < 22.1.3
papercut/papercut_ng < 22.1.3
Published: Aug 04, 2023
Tracked Since: Feb 18, 2026