CVE-2023-27350
PaperCut MF/NG Improper Access Control Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Apr 21, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
PaperCut / MF/NG
Vulnerability
PaperCut MF/NG Improper Access Control Vulnerability
Added to KEV
Apr 21, 2023
Remediate by
May 12, 2023
Known ransomware use
Yes
Summary description
PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.
Required action
Apply updates per vendor instructions.
Notes
https://www.papercut.com/kb/Main/PO-1216-and-PO-1219; https://nvd.nist.gov/vuln/detail/CVE-2023-27350
No related CVEs by CWE or product.