Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

PaperCut — Vulnerabilities & Security Advisories 26

Browse all 26 CVE security advisories affecting PaperCut. AI-powered Chinese analysis, POCs, and references for each vulnerability.

PaperCut is a widely deployed print management solution that centralizes control over printing, scanning, and copying workflows across enterprise environments. Its architecture, which integrates deeply with existing network infrastructure, has historically exposed it to diverse security flaws. Recorded vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations in its web interface and API endpoints. These issues allow attackers to potentially gain unauthorized access to sensitive document data or disrupt critical office operations. While the vendor actively releases patches, the sheer volume of twenty-six Common Vulnerabilities and Exposures highlights the complexity of securing such integrated systems. Organizations must prioritize timely updates and strict access controls to mitigate risks associated with these known weaknesses, ensuring that the convenience of centralized print management does not compromise overall network integrity.

Top products by PaperCut: PaperCut NG, PaperCut MF PaperCut NG/MF NG PaperCut NG PaperCut MF Print Deploy PaperCut Hive
CVE IDTitleCVSSSeverityPublished
CVE-2026-7824 PaperCut Hive (Ricoh): Plain text password in logs — PaperCut HiveCWE-532 6.5 -2026-05-05
CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization — PaperCut NG/MFCWE-36 2.7 -2026-05-05
CVE-2026-6180 PaperCut MF: Card truncation on HP readers — PaperCut NG/MFCWE-367 3.7 -2026-05-05
CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices — Papercut NG/MFCWE-319 7.1AIHighAI2026-03-31
CVE-2026-4794 Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF — PaperCut NG/MFCWE-79 4.8AIMediumAI2026-03-31
CVE-2025-9785 Misconfigured certificate validation with self-signed certificates for Print Deploy — Print DeployCWE-295 7.4AIHighAI2025-09-03
CVE-2024-9672 Reflected XSS in PaperCut MF — PaperCut MFCWE-917 6.1 -2024-12-09
CVE-2023-39470 PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability — NGCWE-749 8.8 -2024-11-22
CVE-2024-8404 Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder — PaperCut NG, PaperCut MFCWE-59 7.8 High2024-09-26
CVE-2024-8405 Arbitrary File Creation in PaperCut NG/MF Web Print leading to a Denial of Service attack — PaperCut NG, PaperCut MFCWE-77 6.1 Medium2024-09-26
CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler — PaperCut NG, PaperCut MFCWE-77 7.8 High2024-05-14
CVE-2024-3037 Arbitrary File Deletion in PaperCut NG/MF Web Print — PaperCut NG, PaperCut MFCWE-59 7.8 High2024-05-14
CVE-2023-39469 PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability — NGCWE-94 8.8 -2024-05-03
CVE-2024-1884 Server Side Request Forgery in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-918 6.5 Medium2024-03-14
CVE-2024-1883 Reflected XSS in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-76 6.3 Medium2024-03-14
CVE-2024-1882 Server-side resource injection in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-76 7.2 High2024-03-14
CVE-2024-1654 Unauthorized write operations in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-183 7.2 High2024-03-14
CVE-2024-1223 Improper authorization controls in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-488 4.8 Medium2024-03-14
CVE-2024-1222 Incorrect authorization controls in PaperCut NG/MF APIs — PaperCut NG, PaperCut MFCWE-250 8.6 High2024-03-14
CVE-2024-1221 Improper access controls on APIs on Linux and macOS in PaperCut NG/MF — PaperCut NG, PaperCut MFCWE-76 3.1 Low2024-03-14
CVE-2023-6006 Privilege Escalation Vulnerability — PaperCut NG, PaperCut MFCWE-250 7.8 High2023-11-14
CVE-2023-4568 PaperCut NG Unauthenticated XMLRPC — PaperCut NGCWE-287 6.5 Medium2023-09-13
CVE-2023-3486 PaperCut NG Unauthenticated File Upload — PaperCut NGCWE-434 8.2 High2023-07-25
CVE-2023-2533 PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF — PaperCut NG/MFCWE-352 8.4 High2023-06-20
CVE-2023-27350 PaperCut NG 访问控制错误漏洞 — NGCWE-284 9.8 -2023-04-20
CVE-2023-27351 PaperCut NG 授权问题漏洞 — NGCWE-287 9.8 -2023-04-20

This page lists every published CVE security advisory associated with PaperCut. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.