Papercut

Papercut Ng

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2026-6418

  • EPSS 0.38%
  • Veröffentlicht 05.05.2026 06:21:37
  • Zuletzt bearbeitet 12.05.2026 15:53:35

An issue was discovered in the Shared Account Synchronization component of PaperCut MF (version 25.0.4). The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validati...

8.1

CVE-2026-6180

  • EPSS 0.23%
  • Veröffentlicht 05.05.2026 06:19:44
  • Zuletzt bearbeitet 12.05.2026 19:04:43

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragment...

4.8

CVE-2026-4794

  • EPSS 0.18%
  • Veröffentlicht 31.03.2026 00:39:56
  • Zuletzt bearbeitet 03.04.2026 18:15:05

Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's...

5.4

CVE-2024-9672

  • EPSS 0.22%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 30.01.2025 14:55:08

A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.

7.2

CVE-2023-39470

  • EPSS 1.71%
  • Veröffentlicht 22.11.2024 20:15:05
  • Zuletzt bearbeitet 09.01.2025 15:46:02

PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit th...

5.5

CVE-2024-8405

  • EPSS 0.24%
  • Veröffentlicht 26.09.2024 02:15:03
  • Zuletzt bearbeitet 03.10.2024 00:51:18

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a malicio...

7.8

CVE-2024-8404

  • EPSS 0.39%
  • Veröffentlicht 26.09.2024 02:15:02
  • Zuletzt bearbeitet 13.05.2025 03:15:23

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut N...

7.8

CVE-2024-4712

  • EPSS 0.41%
  • Veröffentlicht 14.05.2024 15:44:27
  • Zuletzt bearbeitet 30.01.2025 14:58:45

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a malicio...

7.8

CVE-2024-3037

  • EPSS 0.4%
  • Veröffentlicht 14.05.2024 15:39:48
  • Zuletzt bearbeitet 27.01.2025 18:05:07

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut N...

7.2

CVE-2023-39469

  • EPSS 58.09%
  • Veröffentlicht 03.05.2024 03:15:12
  • Zuletzt bearbeitet 30.01.2025 14:53:12

PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerabili...