CVE-2023-27350

🗓️ 20 Apr 2023 00:00:00Reported by zdiType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 1139 Views🌐 WEB

PaperCut NG 22.0.5 (Build 63914) authentication bypass vulnerability

Reporter	Title	Published	Views	Family All 79
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	21 Apr 202320:13	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	14 Apr 202502:33	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	25 Apr 202320:51	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	27 May 202311:32	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	30 May 202619:08	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	21 Apr 202320:13	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	9 Mar 202518:08	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	5 Jul 202514:07	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	22 Apr 202321:34	–	githubexploit
GithubExploit	Exploit for Improper Access Control in Papercut Papercut_Mf	21 Apr 202320:13	–	githubexploit

NVD

Vulners

Node

papercut papercut_mfRange8.0–20.1.7

papercut papercut_mfRange21.0.0–21.2.11

papercut papercut_mfRange22.0.0–22.0.9

papercut papercut_ngRange8.0–20.1.7

papercut papercut_ngRange21.0.0–21.2.11

papercut papercut_ngRange22.0.0–22.0.9

[
  {
    "vendor": "PaperCut",
    "product": "NG",
    "versions": [
      {
        "version": "22.0.5 (Build 63914)",
        "status": "affected"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-233/
packetstormsecurity	www.packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html
packetstormsecurity	www.packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html
news	www.news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/
papercut	www.papercut.com/kb/Main/PO-1216-and-PO-1219
packetstormsecurity	www.packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html
packetstormsecurity	www.packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

Parameter	Position	Path	Description	CWE
service	query param	/app	Authentication bypass via SetupCompleted page to gain session and CSRF token.	CWE-284
service	request body	/app	Config quickFind form used to read server options during bypass process.	CWE-284
sp	request body	/app	Config quickFind form used to read server options during bypass process.	CWE-284
Form0	request body	/app	Config quickFind form used to read server options during bypass process.	CWE-284
$TextField	request body	/app	Config quickFind form used to read server options during bypass process.	CWE-284
doQuickFind	request body	/app	Config quickFind form used to read server options during bypass process.	CWE-284
service	request body	/app	ConfigEditor/Update of option values via POST to apply potential overrides.	CWE-284
sp	request body	/app	ConfigEditor/Update of option values via POST to apply potential overrides.	CWE-284
Form1	request body	/app	ConfigEditor/Update of option values via POST to apply potential overrides.	CWE-284
$TextField$0	request body	/app	ConfigEditor/Update of option values via POST to apply potential overrides.	CWE-284

17 Jun 2026 05:44Current

9.1High risk

Vulners AI Score9.1

CVSS 3.19.8

CVSS 39.8

EPSS0.99999

SSVC

papercut ng 22.0.5 authentication bypass vulnerability cve-2023-27350 nvd zdi-can-18987