PaperCut Vulnerability - CVE-2023-27350, CVE-2023-27351

20 Apr / 2023

Cyber Security

PaperCut MF & PaperCut NG Vulnerabilities

CVE: CVE-2023-27350, CVE-2023-27351


  • PaperCut MF or NG version 8.0 or later, on all OS platforms (CVE-2023-27350) (Remote Code Execution)
  • PaperCut MF or NG version 15.0 or later, on all OS platforms (CVE-2023-27351) (Unauthenticated Information Disclosure)


  • Papercut have updated this security advisory ( regarding two vulnerabilities in their Papercut MF and Papercut NG software.
  • They now advise that they have evidence to suggest that unpatched servers are being exploited in the wild.


  • Papercut has been made aware of two vulnerabilities in their Papercut MF and Papercut NG software.
  • CVE-2023-27350 is an Unauthenticated Remote Code Execution with SYSTEM level permission on the hosting server.
  • CVE-2023-27351 is an Unauthenticated Request Bypass that can allow the exfiltration all the information stored within the PaperCut NG or MF application. This includes Names, Emails, Departments and Access Card Numbers. This can include hashed passwords for locally created users, but not passwords for accounts synchronised to a directory service.



  • Look for suspicious activity in Logs > Application Log, within the PaperCut admin interface.
  • Keep an eye out in particular for any updates from a user called [setup wizard].
  • Look for new (suspicious) users being created, or other configuration keys being tampered with.
  • If your Application Server server logs happen to be in debug mode, check to see if there are lines mentioning Setup Completed at a time not correlating with the server installation or upgrade. Server logs can be found e.g. in [app-path]/server/logs/*.* where server.log is normally the most recent log file.

Cythera is committed to protecting our customers from cyber threats and ensuring their business continuity. If you have any questions or concerns about CVE-2023-27350 or any other cybersecurity issue, please contact us today.


You may be interested in

Upcoming ISO 27001 Audit? 5 Ways to Nail It.

Undergoing an ISO 27001 audit can be a stressful time, not only do you have your day-to-day role to manage, but you also need to spend months in…

Read More arrow_forward

The greatest security toolset you may not be using : Visibility

The Cythera security operations team has detected and responded to several security incidents with our clients over the last few weeks and a com…

Read More arrow_forward

Safeguarding the Australian Health Sector with SASE: Beyond Perimeter Defense

Safeguarding the Australian Health Sector with SASE: Beyond Perimeter Defense Across the Australian healthcare landscape, digital transformatio…

Read More arrow_forward