CNNVD-202509-4346 Information

Sep 29, 2025 cve

CNNVD ID

CNNVD-202509-4346

CVE-2025-34228

CNNVD Published: 2025-09-29

Description (Chinese)

Vasion Print Virtual Appliance Host是美国Vasion公司的一个打印管理软件。 Vasion Print Virtual Appliance Host 25.1.102之前版本存在安全漏洞，该漏洞源于/var/www/app/console_release/lexmark/update.php脚本未经验证且未对用户输入进行适当验证，可能导致服务端请求伪造攻击。

Description (English)

Vasion Print Virgin Application Host is a print management software for Vasion in the United States. The security loophole in the pre-Vasion Print Vision Host 25.1.102 version originated in unverified, unverified scripts that did not properly validate user input, which could lead to a false attack requested by the service.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Vasion

Published

2025-09-29

Last Modified

2026-02-24

References

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-ssrf-04 https://www.vulncheck.com/advisories/vasion-print-printerlogic-ssrf-via-lexmark-update-php-script

Patch

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm

Share on: