Auth bypass in Vasion Print Application
CVE-2025-34231
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind and non-blind server-side request forgery (SSRF) vulnerability. The '/va…
Vulnerability class: Broken Authentication
EPSS: 0.002 (41.3th percentile) — read the EPSS interpretation.
Affected products
- Vasion Print Application — versions 0
- Vasion Print Virtual Appliance Host — versions 0
Weakness classification (CWE)
References
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html (technical-description)
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- www.vulncheck.com/advisories/vasion-print-printerlogic-ssrf-via-hp-badgesetup-p… (third-party-advisory)