CVE-2026-7824

Published: Mag 05, 2026 Last Modified: Mag 05, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,9

Source: eb41dac7-0af8-4f84-9f6d-0272772514f4

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the 'Deep Logging' (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files.

An attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.

532

Insertion of Sensitive Information into Log File

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality

Potential Impacts:

Read Application Data

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: Medium

View CWE Details

https://www.papercut.com/kb/Main/papercut-ng-mf-and-papercu…

https://www.papercut.com/kb/Main/papercut-ng-mf-and-papercut-hive-security-bull…

CVE-2026-7824

Description

Insertion of Sensitive Information into Log File

Common Consequences

Applicable Platforms

Iscriviti alla newsletter