Vulnerabilities > Papercut > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-8405 Command Injection vulnerability in Papercut NG
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled.
local
low complexity
papercut CWE-77
5.5
2023-11-14 CVE-2023-6006 Unspecified vulnerability in Papercut MF
This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG.
local
low complexity
papercut
6.7
2023-10-19 CVE-2023-31046 Path Traversal vulnerability in Papercut MF
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1.
network
low complexity
papercut CWE-22
6.5
2023-09-20 CVE-2023-2508 Cross-Site Request Forgery (CSRF) vulnerability in Papercut Mobility Print Server 1.0.3512
The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host (in the "configure printer discovery" section).
network
low complexity
papercut CWE-352
6.5
2023-09-13 CVE-2023-4568 Improper Authentication vulnerability in Papercut NG
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default.
network
low complexity
papercut CWE-287
6.5