SSRF in Lexmark Cx, Xc, Cs, Ms, Mx, Xm, Et. Al.

CVE-2025-9269

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a thi…

Vulnerability class: SSRF (Server-Side Request Forgery)

EPSS: 0.003 (22.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-9269?
CVE-2025-9269 is a vulnerability in Lexmark Cx, Xc, Cs, Ms, Mx, Xm, Et. Al., classified under Server-Side Request Forgery (SSRF). Published 2025-09-09.
Is CVE-2025-9269 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.