CVE-2025-34224
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-09
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Affected version range |
|---|---|---|
| vasion | virtual_appliance_application | all versions before 20.0.2786 (20.0.2786 itself is fixed) |
| vasion | virtual_appliance_host | all versions before 22.0.1049 (22.0.1049 itself is fixed) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34224 is a critical vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Virtual Appliance Application versions prior to 20.0.2786. The appliance's web interface serves a set of PHP scripts under the `console_release` directory without requiring authentication (CWE-306, missing authentication for a critical function). An unauthenticated remote attacker who can reach the web interface can invoke these endpoints to re-configure networked printers, add or delete RFID badge devices, or modify device settings; no credentials, session or user interaction are needed. [1]
How can this vulnerability impact me?
Anyone who can reach the appliance's web interface can change printer and RFID badge-device configuration without logging in. Reconfiguring printers can disrupt or misdirect printing for the whole fleet the appliance manages; adding or deleting badge devices undermines any badge-based print-release control that depends on them; and an attacker who can freely alter device settings has a foothold for further activity on the print network. The vulnerability carries a CVSS v4 base score of 10.0, the maximum, reflecting network reachability, no required privileges or user interaction, and high impact on confidentiality, integrity and availability. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The authoritative check is the installed version: a Virtual Appliance Host below 22.0.1049 or a Virtual Appliance Application below 20.0.2786 is affected, and the version is shown in the appliance's administrative console. Generic network scanners do not reliably report these version numbers, so do not rely on banner-based detection alone. Exposure can be confirmed directly because the affected endpoints need no authentication: send an unauthenticated HTTP(S) request with curl or wget to a URL such as `https://<appliance>/console_release/` and look at the response. Content served with an HTTP 200 indicates the path is reachable without a session, whereas a 401/403 or a redirect to the login page indicates it is protected. Two caveats: a 403 or 404 on the directory index alone does not prove the individual scripts inside it are protected, and you should only probe appliances you are authorised to test, since the same request an attacker would send is what you are sending. [1]
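The two checks described above, as an added example that is not code from BaseFortify or Vasion: an offline version comparison against the fixed versions named on this page, and a classifier for the response to an unauthenticated GET of `/console_release/`. The `probe()` function performs that request (no credentials, redirects not followed) and is the only part that touches the network; the login-form marker it looks for is a heuristic chosen here, not something the advisory specifies, and the hostname in the usage line is a placeholder.

```python
"""Added example (not BaseFortify's or Vasion's code): triage helpers for CVE-2025-34224.

version_is_affected()  - compare a version string with the fixed versions on the page
classify_probe()       - turn status / Location / body of an unauthenticated GET of
                         /console_release/ into a verdict (works offline)
probe()                - do that GET and classify it (network; assumed hostname)
"""
import ssl
import urllib.error
import urllib.request
from typing import Tuple

# Fixed versions as listed on the page; anything strictly below is affected.
FIXED_VERSIONS = {
    "host": (22, 0, 1049),
    "application": (20, 0, 2786),
}


def parse_version(version: str) -> Tuple[int, ...]:
    """'22.0.1049' -> (22, 0, 1049); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in version.strip().split("."))


def version_is_affected(product: str, version: str) -> bool:
    """True when the reported version is strictly below the fix for that product."""
    return parse_version(version) < FIXED_VERSIONS[product.lower()]


def classify_probe(status: int, location: str, body: bytes) -> str:
    """Interpret an unauthenticated GET of /console_release/.

    exposed              200 with content and no sign of a login form
    login-page           200 but the body looks like a login form (heuristic)
    redirected-to-login  3xx whose Location points at a login URL
    denied               401 / 403
    not-present          404
    inconclusive         anything else; inspect by hand
    """
    if status == 200:
        return "login-page" if b'type="password"' in body.lower() else "exposed"
    if status in (301, 302, 303, 307, 308):
        return "redirected-to-login" if "login" in location.lower() else "inconclusive"
    if status in (401, 403):
        return "denied"
    if status == 404:
        return "not-present"
    return "inconclusive"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib following 3xx so the Location header can be inspected."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url: str, verify_tls: bool = True, timeout: float = 10.0) -> str:
    """GET <base_url>/console_release/ with no credentials and classify the answer.

    verify_tls=False is only for appliances with self-signed certificates in a lab.
    """
    ctx = ssl.create_default_context()
    if not verify_tls:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    opener = urllib.request.build_opener(_NoRedirect, urllib.request.HTTPSHandler(context=ctx))
    url = base_url.rstrip("/") + "/console_release/"
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2025-34224-check"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return classify_probe(resp.status, resp.headers.get("Location", ""), resp.read())
    except urllib.error.HTTPError as err:  # 3xx/4xx/5xx land here because redirects are refused
        return classify_probe(err.code, err.headers.get("Location", "") or "", err.read())


if __name__ == "__main__":
    import sys

    # Placeholder hostname; pass the real appliance URL as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "https://print-appliance.example.internal"
    print("host 22.0.1000 affected:", version_is_affected("host", "22.0.1000"))
    print("probe verdict:", probe(target, verify_tls=False))
```

Treat an `exposed` verdict as confirmation and a `denied` or `redirected-to-login` verdict as evidence only for the directory index; the version comparison remains the decisive check.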
What immediate steps should I take to mitigate this vulnerability?
Upgrade the Virtual Appliance Host to 22.0.1049 or later and the Virtual Appliance Application to 20.0.2786 or later; these releases require authentication for the affected PHP scripts. After upgrading, repeat the unauthenticated request to `https://<appliance>/console_release/` and confirm it is now rejected or redirected to the login page. Until the upgrade is applied, reduce exposure by limiting which networks can reach the appliance's web interface at all (firewall rules or network segmentation restricting it to the management network and the client networks that legitimately talk to it), and, where a reverse proxy or WAF fronts the appliance, by denying requests for `/console_release/` from anything other than management addresses. Firewall rules alone cannot single out one directory, so the proxy-level rule is what enforces that path restriction. Review the appliance's web access logs for unauthenticated requests to `/console_release/`, particularly from outside the management network, both to spot exploitation attempts now and to confirm after patching that they are being refused. [1]
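The log review suggested above, as an added example that is not code from BaseFortify or Vasion: flag access-log entries for `/console_release/` that originate outside a management allowlist. The combined log format, the management network (10.10.0.0/24) and the sample lines are all assumed or constructed here; adapt the regex to the appliance's actual log format. Requests are flagged regardless of status code, because before the fix they succeed with 200 and after it a run of 401s from an outside address still shows someone probing.

```python
"""Added example (not BaseFortify's or Vasion's code): flag unauthenticated-path
access in web-server logs for CVE-2025-34224. Log format, management network and
sample lines are assumed / constructed for illustration.
"""
import ipaddress
import re
from typing import Dict, Iterable, List, Optional

# Apache/nginx "combined" format: ip ident user [time] "METHOD target proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

WATCHED_DIR = "/console_release"

# Assumed management network; requests from here are expected and not flagged.
MGMT_NETS = [ipaddress.ip_network("10.10.0.0/24")]


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the named fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_management(ip: str, nets=MGMT_NETS) -> bool:
    """True if ip falls inside one of the management networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in nets)


def flag_console_release(lines: Iterable[str], nets=MGMT_NETS) -> List[Dict[str, str]]:
    """Findings for every request to /console_release (or below it) from a non-management source."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["target"].split("?", 1)[0]  # drop the query string before matching
        if path != WATCHED_DIR and not path.startswith(WATCHED_DIR + "/"):
            continue
        if is_management(rec["ip"], nets):
            continue
        findings.append({
            "ip": rec["ip"],
            "time": rec["ts"],
            "method": rec["method"],
            "path": path,
            "status": rec["status"],
        })
    return findings


# Constructed sample log lines (not real appliance output).
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Sep/2025:10:14:02 +0000] "GET /console_release/ HTTP/1.1" 200 512 "-" "curl/8.4.0"',
    '10.10.0.5 - - [30/Sep/2025:10:15:11 +0000] "GET /console_release/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [30/Sep/2025:10:16:30 +0000] "GET /admin/login HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.22 - - [30/Sep/2025:10:17:45 +0000] "POST /console_release/?x=1 HTTP/1.1" 200 64 "-" "python-requests/2.32"',
    'this line is not in combined format and is skipped',
]


if __name__ == "__main__":
    for f in flag_console_release(SAMPLE_LOG):
        print(f"{f['time']}  {f['ip']:>15}  {f['method']} {f['path']}  ->  {f['status']}")
```

Feed the function the appliance's real access log (one line per element) and alert on any non-empty result; a 200 on a flagged line before the upgrade means the request was served.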