Papercut MF & NG Active Exploit

  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 04/20/2023

Action Level - Critical


Papercut is reporting that two previously reported vulnerabilities, including one with critical severity, are now being exploited by attackers. These vulnerabilities can allow an unauthenticated attacker to perform Remote Code Execution on a Papercut server. As this is being actively exploited, Papercut recommends immediate patching as well as investigation into whether your servers may have been compromised.

Affected Versions

  • Papercut MF and NG - Application and Site Servers

Attack Vector

This exploit can be performed remotely and without authentication.

Attack Feasibility 

An exploit currently exists in the wild.


Update to a fixed release (see above)

Vendor Resources

Vendor Advisory (Includes update info and recommendations on exploit detection)

<-- Return to Cybersecurity Alerts...

PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC