10

CVSS4.0

CVE-2025-34216 - Vasion Print (formerly PrinterLogic) RCE and Password Leaks via API

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (VA deployments only) expose a set of unauthenticated REST API endpoints that return configuration files and clear‑text passwords. The same endpoints also disclose the L…

📅 Published: Sept. 29, 2025, 8:39 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

8.5

CVSS4.0

CVE-2025-34233 - Vasion Print (formerly PrinterLogic) Insecure Use of file_get_contents()

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a protection mechanism failure vulnerability within the file_get_contents() function. When an administrator configures a printer’s hostname …

📅 Published: Sept. 29, 2025, 8:38 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

7.9

CVSS4.0

CVE-2025-34207 - Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 (VA and SaaS deployments) configure the SSH client within Docker instances with the following options: `UserKnownHostsFile=/dev/null`, `StrictHostKeyChecking=no`, and `ForwardAgent yes`…

📅 Published: Sept. 29, 2025, 8:38 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

10

CVSS4.0

CVE-2025-34223 - Vasion Print (formerly PrinterLogic) Insecure Installation Credentials

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) contain a default admin account and an installation‑time endpoint at `/admin/query/update_database.php` that can be accessed without authentication…

📅 Published: Sept. 29, 2025, 8:38 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

8.7

CVSS4.0

CVE-2025-34212 - Vasion Print (formerly PrinterLogic) Insecure Build Pipeline

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature…

📅 Published: Sept. 29, 2025, 8:36 p.m. 🔄 Last Modified: Feb. 26, 2026, 5:47 p.m.

9.3

CVSS4.0

CVE-2025-34211 - Vasion Print (formerly PrinterLogic) Hardcoded SSL Certificate and Private Keys

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA and SaaS deployments) contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname `pl‑local.com` and is used by th…

📅 Published: Sept. 29, 2025, 8:36 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

9.4

CVSS4.0

CVE-2025-34209 - Vasion Print (formerly PrinterLogic) Hardcoded GPG Private Key

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 (VA and SaaS deployments) contain Docker images with the private GPG key and passphrase for the account *no‑reply+virtual‑[email protected]*. The key is stored in cleartext and …

📅 Published: Sept. 29, 2025, 8:35 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

9.2

CVSS4.0

CVE-2025-34234 - Vasion Print (formerly PrinterLogic) Hardcoded Encryption Private Keys

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain two hardcoded private keys that are shipped in the application containers (printerlogic/pi, printerlogic/printer-admin-api, and printercloud…

📅 Published: Sept. 29, 2025, 8:34 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.

10

CVSS4.0

CVE-2025-34218 - Vasion Print (formerly PrinterLogic) Exposed Internal Docker Instance

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose internal Docker containers through the gw Docker instance. The gateway publishes a /meta endpoint which lists every micro‑service container…

📅 Published: Sept. 29, 2025, 8:34 p.m. 🔄 Last Modified: Feb. 26, 2026, 5:47 p.m.

6.9

CVSS4.0

CVE-2025-34232 - Vasion Print (formerly PrinterLogic) Blind SSRF via Lexmark dellCheck.php

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_release/lexmark/dellCheck.php script that ca…

📅 Published: Sept. 29, 2025, 8:34 p.m. 🔄 Last Modified: Nov. 17, 2025, 11:56 p.m.
Total resulsts: 349182
Page 3641 of 34,919
« previous page » next page
Filters