Papercut Mf
by Papercut
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-1221 | 0.00 | — | 0.01 | Mar 14, 2024 | This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS… | |||
| CVE-2023-6006 | 0.00 | — | 0.00 | Nov 14, 2023 | This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system.… | |||
| CVE-2023-31046 | 0.00 | — | 0.01 | Oct 19, 2023 | A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET… | |||
| CVE-2023-2508 | 0.00 | — | 0.00 | Sep 20, 2023 | The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host (in the "configure printer discovery" section). This is possible because the application has no … | |||
| CVE-2019-12135 | 0.00 | — | 0.02 | Jun 6, 2019 | An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector. | |||
| CVE-2019-8948 | 0.00 | — | 0.04 | Feb 20, 2019 | PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163. | |||
| CVE-2014-2658 | 0.00 | — | 0.01 | Apr 28, 2014 | Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors. | |||
| CVE-2014-2657 | 0.00 | — | 0.01 | Apr 28, 2014 | Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs. | |||
| CVE-2014-2659 | 0.00 | — | 0.01 | Apr 22, 2014 | Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors. |
- CVE-2024-1221Mar 14, 2024risk 0.00cvss —epss 0.01
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS…
- CVE-2023-6006Nov 14, 2023risk 0.00cvss —epss 0.00
This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system.…
- CVE-2023-31046Oct 19, 2023risk 0.00cvss —epss 0.01
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET…
- CVE-2023-2508Sep 20, 2023risk 0.00cvss —epss 0.00
The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host (in the "configure printer discovery" section). This is possible because the application has no …
- CVE-2019-12135Jun 6, 2019risk 0.00cvss —epss 0.02
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector.
- CVE-2019-8948Feb 20, 2019risk 0.00cvss —epss 0.04
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
- CVE-2014-2658Apr 28, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors.
- CVE-2014-2657Apr 28, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs.
- CVE-2014-2659Apr 22, 2014risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Page 2 of 2