← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-27351 — Actively Exploited: NG/MF (PaperCut)

PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.

CVE IDCVE-2023-27351
VendorPaperCut
ProductNG/MF
Vulnerability namePaperCut NG/MF Improper Authentication Vulnerability
Date added2026-04-20
Remediation due2026-05-04
Known ransomware useKnown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionPaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →