Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

papercut papercut mf vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-39469
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw ex...
NA
CVE-2024-1882
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.
NA
CVE-2024-1883
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited...
NA
CVE-2024-1884
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an malicious user to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
NA
CVE-2024-1221
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS P...
NA
CVE-2024-1222
This allows malicious users to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
6.5
CVSSv3
CVE-2023-31046
A Path Traversal vulnerability exists in PaperCut NG prior to 22.1.1 and PaperCut MF prior to 22.1.1. Under specific conditions, this could potentially allow an authenticated malicious user to achieve read-only access to the server's filesystem, because requests beginning wi...
Papercut Papercut MfPapercut Papercut Ng
9.8
CVSSv3
CVE-2023-39143
PaperCut NG and PaperCut MF prior to 22.1.3 on Windows allow path traversal, enabling malicious users to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration).
Papercut Papercut MfPapercut Papercut Ng
7.5
CVSSv3
CVE-2023-3486
An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated malicious user to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating a...
Papercut Papercut MfPapercut Papercut Ng
8.8
CVSSv3
CVE-2023-2533
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an malicious user to alter security settings or execute arbitrary code. This could be exploited if the target is an admin with a cur...
Papercut Papercut Mf 22.0.10Papercut Papercut Ng 22.0.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook