← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-2533 — Actively Exploited: NG/MF (PaperCut)

PaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code.

CVE IDCVE-2023-2533
VendorPaperCut
ProductNG/MF
Vulnerability namePaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability
Date added2025-07-28
Remediation due2025-08-18
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionPaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →