CVE-2026-7824 MEDIUM

CVE-2026-7824: PaperCut Hive (Ricoh): Plain text password in logs

Vendor Papercut
Product PaperCut Hive
Weakness CWE-532 · Sensitive info in logs
Published May 5, 2026
Last update May 5, 2026

CVSS base score

5.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.

Key dates

02Disclosure timeline

May 5, 2026 CVE published
May 5, 2026 Record updated