Auth bypass in Vasion Print Application
CVE-2025-34222
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/c…
Vulnerability class: Broken Authentication
EPSS: 0.002 (35.8th percentile) — read the EPSS interpretation.
Affected products
- Vasion Print Application — versions 0
- Vasion Print Virtual Appliance Host — versions 0
Weakness classification (CWE)
References
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html (technical-description)
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- www.vulncheck.com/advisories/vasion-print-printerlogic-unauth-admin-apis-used-t… (third-party-advisory)