CNNVD-202509-3073 Information
CNNVD ID
CNNVD-202509-3073
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Vasion Print Virtual Appliance Host和Vasion Print Application都是美国Vasion公司的产品。Vasion Print Virtual Appliance Host是一个打印管理软件。Vasion Print Application是一个打印机管理应用程序。 Vasion Print Virtual Appliance Host 22.0.843之前版本和Vasion Print Application 20.0.1923版本存在安全漏洞,该漏洞源于/var/www/app/resetroot.php缺少身份验证检查,可能导致数据库控制权获取,以及/var/www/app/lib/common/oses.php中存在反序列化问题,可能导致远程代码执行。
Description (English)
Vasion Print Virgin Application Host and Vasion Prince Application are products of the United States company Vasion. Vasion Prit Virgin Application Host is a print management software. Vasion Prince Application is a printer management application. The security gap that existed in previous versions of Vasion Print Mutual Application 22.0.843 and Vasion Prince Application 20.0.1923 stems from/var/www/app/resetroot.php ’ s lack of identification checks, which may lead to access to database control, and the problem of inverse sequencing in var/www/app/lib/common/oses.php, which may lead to remote code execution.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Vela
Published
2025-09-19
Last Modified
2026-02-24
References
https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://www.vulncheck.com/advisories/vasion-print-printerlogic-dangerous-php-dead-code-enables-rce https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-dead-code https://access.redhat.com/security/cve/cve-2025-34205