""ET WEB_SPECIFIC_APPS PaperCut NG/MF Directory Traversal/File Upload Vulnerability Check (CVE-2023-39143)""

SID: 2047632

Revision: 1

Class Type: attempted-admin

Metadata: affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Web_Server, created_at 2023_08_11, cve CVE_2023_39143, deployment Perimeter, deployment Internal, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Major, updated_at 2023_08_11

Reference:

• cve

• 2023-39143

Protocol: tcp

Source Network: any

Source Port: any

Destination Network: $HOME_NET

Destination Port: $HTTP_PORTS

Flow: established,to_server

Contents:

• Value: "/custom-report-example/"

Offset: 4

• Value: "|2e 2e 5c 2e 2e 5c 2e 2e 5c|deployment|5c|sharp|5c|icons|5c|home|2d|app|2e|png"

Within:

PCRE:

Special Options:

• fast_pattern

• http_raw_uri

source