Auth bypass in Vasion Print Application
CVE-2025-34225
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a server-side request forgery (SSRF) vulnerability. The `console_release` direct…
Vulnerability class: Broken Authentication
EPSS: 0.003 (52.7th percentile) — read the EPSS interpretation.
Affected products
- Vasion Print Application — versions 0
- Vasion Print Virtual Appliance Host — versions 0
Weakness classification (CWE)
References
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html (technical-description)
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- www.vulncheck.com/advisories/vasion-print-printerlogic-ssrf-via-console-release… (third-party-advisory)