MEDIUM SeverityCVSS 4.05.9CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVE-2026-7824

Last updated May 05, 2026 · Published May 05, 2026

Description

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.

Affected products

1 listed

PaperCut:PaperCut Hive

Mappings

CWE

CWE-532

CAPEC

None listed.

Guides

Secrets management in GitHub Actions: prevent leaks and rotate safelySecrets management in GitHub Actions starts with repository or environment secrets, scoped tokens, and OIDC…

Training

Logging and Detection EngineeringWriting logs that actually help you find attackers - structured, contextual, actionable.

CVE-2026-7824

Description

Affected products

Mappings

Related