Papercut Papercut Ng, Papercut Mf
12 CVEs affecting Papercut Papercut Ng, Papercut Mf. Latest disclosed: 2024-09-26. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1222 | High | 8.6 | 2024-03-14 | This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small su… |
CVE-2024-8404 | High | 7.8 | 2024-09-26 | An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability… |
CVE-2024-4712 | High | 7.8 | 2024-05-14 | An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within th… |
CVE-2024-3037 | High | 7.8 | 2024-05-14 | An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability… |
CVE-2023-6006 | High | 7.8 | 2023-11-14 | This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access… |
CVE-2024-1882 | High | 7.2 | 2024-03-14 | This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hos… |
CVE-2024-1654 | High | 7.2 | 2024-03-14 | This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin… |
CVE-2024-1884 | Medium | 6.5 | 2024-03-14 | This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side applicat… |
CVE-2024-1883 | Medium | 6.3 | 2024-03-14 | This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious… |
CVE-2024-8405 | Medium | 6.1 | 2024-09-26 | An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within th… |
CVE-2024-1223 | Medium | 4.8 | 2024-03-14 | This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge o… |
CVE-2024-1221 | Low | 3.1 | 2024-03-14 | This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The… |