CVE-2024-1882
Published: 14 March 2024
Summary
CVE-2024-1882 is a high-severity Improper Neutralization of Equivalent Special Elements (CWE-76) vulnerability in PaperCut MF. Its CVSS base score is 7.2 (High).
Operationally, it ranks in the top 19.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-1882 is a remote code execution vulnerability affecting the PaperCut NG/MF application server. It stems from improper handling of a malicious payload that an authenticated administrator can create; the associated CWEs include CWE-76. The flaw carries a CVSS 3.1 score of 7.2, with a network attack vector, low attack complexity, and high impact on confidentiality, integrity, and availability.
An already authenticated admin user can supply the crafted payload to execute arbitrary code on the server hosting the PaperCut application. This requires administrative credentials but no user interaction, allowing the attacker to fully compromise the server once the payload is processed.
The vendor has published a security bulletin detailing the issue at the referenced URL. The EPSS score rose materially from a low baseline to a peak of 0.0916 on 2025-12-11 before receding to the current value of 0.0135, indicating that exploitation interest emerged after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-17607
Vulnerability details
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.