Initial Access Intelligence
Example Initial Access Artifacts
VulnCheck Initial Access Intelligence example record for PaperCut (CVE-2023-27350)
VulnCheck tracks initial access vulnerabilities, remote code execution vulnerabilities that do not require authentication, and authors detection artifacts to help organizations defend against weaponized exploits for those vulnerabilities. VulnCheck Initial Access Intelligence provides these detection artifacts in timely manner, to help organizations author detections and defend themselves, during the unclear times of recent disclosures.
When new vulnerabilities, like CVE-2023-27350 (PaperCut) are disclosed, VulnCheck researchers examine the potential use of that vulnerability in Internet-wide attacks.
PaperCut CVE-2023-27350
In mid-April, attackers began exploiting a vulnerability in PaperCut NG and MF. The exploited vulnerability would later be assigned CVE-2023-27350. Multiple security organizations have published exploit detections and indicators of compromise that assume attackers are executing code through PaperCut’s built-in scripting interface. However, VulnCheck researchers have found a proof-of-concept exploit that bypasses all published detections from Huntress, Horizon3.ai, Emerging Threats and Microsoft. To learn more, see VulnCheck's blog: PaperCut Exploitation - A Different Path to Code Execution.
Available Detection Artifacts
To check what detection artifacts are available for PaperCut CVE-2023-27350, simply check VulnCheck Initial Access Intelligence via: (https://api.vulncheck.com/v3/index/initial-access?cve=CVE-2023-27350).
curl
curl --request GET \
--url https://api.vulncheck.com/v3/index/initial-access?cve=CVE-2023-27350 \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
That will result in a response like:
{
"_benchmark": 0.06023,
"_meta": {
"timestamp": "2023-08-29T18:24:48.154476246Z",
"index": "initial-access",
"page": 1,
"limit": 100,
"max_pages": 6,
"total_pages": 1,
"total_documents": 1,
"sort": "_timestamp",
"parameters": [
{
"name": "cve",
"format": "CVE-YYYY-N{4-7}",
"filtering": "CVE-2023-27350"
},
{
"name": "lastModStartDate",
"format": "YYYY-MM-DD"
},
{
"name": "lastModEndDate",
"format": "YYYY-MM-DD"
},
{
"name": "pubStartDate",
"format": "YYYY-MM-DD"
},
{
"name": "pubEndDate",
"format": "YYYY-MM-DD"
}
],
"order": "desc",
"first_item": 1,
"last_item": 1
},
"data": [
{
"cve": "CVE-2023-27350",
"inKEV": true,
"vulnerable_cpes": [
"cpe:2.3:a:papercut:papercut_mf:10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:10.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:11.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:12.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:13.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:14.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:14.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:14.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:14.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:15.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:15.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:15.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:15.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:16.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:16.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:16.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:16.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.3.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:17.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:18.3.9:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:19.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:20.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:21.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:22.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:8.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:8.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:8.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:8.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:8.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_mf:9.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:10.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:11.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:12.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:13.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:14.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:14.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:14.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:14.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:15.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:15.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:15.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:15.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:16.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:16.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:16.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:16.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:16.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.3.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:17.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:18.3.9:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:19.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:20.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:21.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:22.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:8.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:8.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:8.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:8.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:8.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.0:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.1:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.2:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.3:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.4:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.5:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.6:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.7:*:*:*:*:*:*:*",
"cpe:2.3:a:papercut:papercut_ng:9.8:*:*:*:*:*:*:*"
],
"_timestamp": "2023-07-31T23:53:15.199551Z",
"artifacts": [
{
"greynoiseQueries": [
"https://viz.greynoise.io/tag/papercut-authentication-bypass-check",
"https://viz.greynoise.io/tag/papercut-rce-attempt"
],
"cloneSSHURL": "git@git.vulncheck.com:vulncheck/initial-access.git",
"product": [
"Papercut NG",
"Papercut MF"
],
"censysQueries": [
"https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.http.response.body%3A%22is+a+print+management+system.+Log+in+to+manage+your+print+quotas%22"
],
"dateAdded": "2023-04-24T00:00:00Z",
"yara": false,
"vendor": "Papercut",
"artifactName": "Papercut NG/MF Authentication Bypass and Code Execution",
"versionScanner": true,
"pcap": true,
"snortRule": true,
"suricataRule": true,
"shodanQueries": [
"https://www.shodan.io/search?query=html%3A%22is+a+print+management+system.+Log+in+to+manage+your+print+quotas%22"
],
"exploit": true
}
]
}
]
}
Detection Artifacts
The VulnCheck Initial Access Intelligence product includes detection artifacts in a wide range of formats, to enable defenders to quickly detect & respond to emerging threats.
Fetch Detection Artifacts
To download the latest available detection artifacts, VulnCheck Initial Access Intelligence detection artifacts are available via git or backup file.
