Full title: PaperCut PaperCutNG Authentication Bypass Exploit Category: remote exploits Platform: java This Metasploit module leverages an authentication bypass in PaperCut NG. If necessary it updates Papercut configuration options, specifically the print-and-de vice.script.enabled and print.script.sandboxed options to allow for arbitrary code execution running in the builtin RhinoJS engine. This module logs at most 2 events in the application log of papercut. Each event is tied to modification of server settings. # 0day.today @ http://0day.today/