PaperCut Multiple Vulnerabilities

Release Date: 21 Apr 2026 4618 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in PaperCut. A remote attacker could exploit these vulnerabilities to trigger security restriction bypass and remote code execution on the targeted system.

 

Note:

CVE-2023-27351 is being exploited in the wild. A remote attacker could leverage this vulnerability to bypass authentication on affected installations via the SecurityRequestFilter class. Hence, the risk level is rated as High Risk.

Impact

  • Security Restriction Bypass
  • Remote Code Execution

System / Technologies affected

CVE-2023–27350

PaperCut MF or NG version 8.0 or later (excluding patched versions). This includes:

  • version 8.0.0 to 19.2.7 (inclusive)
  • version 20.0.0 to 20.1.6 (inclusive)
  • version 21.0.0 to 21.2.10 (inclusive)
  • version 22.0.0 to 22.0.8 (inclusive)


CVE-2023–27351

PaperCut MF or NG version 15.0 or later (excluding patched versions). This includes:

  • version 15.0.0 to 19.2.7 (inclusive)
  • version 20.0.0 to 20.1.6 (inclusive)
  • version 21.0.0 to 21.2.10 (inclusive)
  • version 22.0.0 to 22.0.8 (inclusive)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:
 

  • PaperCut NG/MF version 20.1.7
  • PaperCut NG/MF version 21.2.11
  • PaperCut NG/MF versions 22.0.9 and later versions

Vulnerability Identifier

Source

Related Link

Related Tags

PaperCutRemote Code ExecutionSecurity Restriction BypassExploit In The Wild

Share with

Previous

Zimbra Collaboration Suite Information Disclosure Vulnerability

21 Apr 2026 12852 Views

Next

Oracle Products Multiple Vulnerabilities

22 Apr 2026 20305 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY