AI description
CVE-2023-27351 is an authentication bypass vulnerability affecting PaperCut NG and PaperCut MF print management solutions. The flaw resides within the `SecurityRequestFilter` class, stemming from an improper implementation of the authentication algorithm. This vulnerability allows remote attackers to bypass authentication on affected installations without requiring any prior credentials or user interaction. Successful exploitation can lead to unauthorized access to sensitive information, including user data such as usernames, full names, email addresses, and hashed passwords for internal PaperCut-created users.
- Description
- This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226.
- Source
- zdi-disclosures@trendmicro.com
- NVD status
- Analyzed
- Products
- papercut_mf, papercut_ng
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 3.0
- Type
- Secondary
- Base score
- 8.2
- Impact score
- 4.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
- Severity
- HIGH
- zdi-disclosures@trendmicro.com
- CWE-287
- Hype score
- Not currently trending
CISA added PaperCut NG/MF (CVE-2023-27351) to KEV — pre-auth bypass via SecurityRequestFilter, marked known-ransomware. PaperCut bugs have a track record with ransomware crews. If your print server is reachable from the internet, patch tonight. https://t.co/PNS4BR191d
@TechTranslators
25 Apr 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA added 8 new vulnerabilities to KEV, including 3 in Cisco Catalyst SD-WAN Manager, and PaperCut CVE-2023-27351 (score 8.2), with active exploitation reported. Stay protected! https://t.co/W3naOtWo4g
@technoholic_me
22 Apr 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerte CISA : Exploitation Active de la Vulnérabilité PaperCut CVE-2023-27351 – Correctif Urgent Requis avant le 4 Mai 2026 (zoneantimalware..com) https://t.co/bmYTB8wNnd
@NicolasCoolman
22 Apr 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)の既知の悪用された脆弱性カタログが更新。4件についてランサムウェアによる悪用を確認。対象はPaperCut NG/MFのCVE-2023-27351、TeamCityのCVE-2024-27199、Exchange Sevr
@__kokumoto
21 Apr 2026
1024 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
1 Quote
TRC analysis shows attackers exploiting CVE-2023-27351 in PaperCut servers to bypass authentication, then escalating privileges and moving laterally across networks. Runtime segmentation can help contain these post-compromise attack chains. #Vulnerability 🔗 Full TRC analysis:
@aviatrixtrc
21 Apr 2026
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが既知の悪用された脆弱性8件をカタログに追加 https://t.co/pNkjqAkOwD CVE-2023-27351 PaperCut NG/MF 認証エラーの脆弱性 CVE-2024-27199 JetBrains TeamCity 相対パストラバーサル脆弱性 CVE-2025-2749 Kentico Xperienceのパストラバー
@cybersecnews_jp
21 Apr 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Warning: Authentication bypass vulnerability in #PaperCut NG . #CVE-2023-27351 CVSS: 7.5. This vulnerability is #actively exploited and now on the #KEV list! #Patch #Patch #Patch
@CCBalert
21 Apr 2026
98 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity CVE-2023-27351: PaperCut RCE and Cisco SD-WAN Flaws Added to CISA KEV "CISA flags CVE-2023-27351 in PaperCut as actively exploited. Federal agencies…" 🔗 https://t.co/8cPj8AZuSl #CyberSecurity #ThreatIntel #penetrationtesting #redteam #offensivesecurit
@SecurityAr58409
21 Apr 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2023-27351 #PaperCut #NG/MF Improper Authentication Vulnerability https://t.co/UFtjeLoCVV
@ScyScan
21 Apr 2026
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが既知の悪用された脆弱性8件をカタログに追加 CISA Adds Eight Known Exploited Vulnerabilities to Catalog #CISA (Apr 20) CVE-2023-27351 PaperCut NG/MF 認証エラーの脆弱性 CVE-2024-27199 JetBrains TeamCity 相対パストラバーサル脆弱性 C
@foxbook
21 Apr 2026
376 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including CVE-2023-27351 and CVE-2024-27199, due to active exploitation. Stay vigilant and update systems promptly. #NerdieNews #CyberSecurity #BreakingNews #InfoSec #Cisco htt
@NewsNerdie
20 Apr 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2023-27351 - high 🚨 PaperCut NG - Authentication Bypass > This vulnerability allows remote attackers to bypass authentication on affected insta... 👾 https://t.co/PmaHA1k0Se @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
26 Dec 2025
147 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-27876 (Veritas Veritas..) +273.78% - CVE-2022-24521 (CLFS..) +238.29% - CVE-2021-27878 (Veritas Veritas..) +163.49% - CVE-2023-27351 (PaperCut Applic..) +95.65% - CVE-2023-20269 (ASA..) +82.95%
@DefusedCyber
22 Nov 2025
2032 Impressions
1 Retweet
12 Likes
5 Bookmarks
1 Reply
1 Quote
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B754BD95-F7CC-4A77-A5FB-B627E1E636DB",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D231C34-F58C-4CA1-B158-64778AC17991",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A326E88D-635E-4AC1-B5CE-455306FC9D55",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB91DE7-FAEA-4F7D-B4B6-6B5211DE4AD0",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE19845-02F0-4BB9-BECB-49B34FACB55D",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1852E7B-0B3F-4208-A26E-CB117E0C0CD8",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]