CVE-2025-34230
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-10-09

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_release/hp/log_off_single_sign_on.php script that can be exploited by an unauthenticated user. When a printer is registered, the software stores the printer’s host name in the variableβ€―$printer_vo->str_host_address. The code later builds a URL like 'http://<host‑address>:80/DevMgmt/DiscoveryTree.xml' and sends the request with curl. No validation, whitelist, or private‑network filtering is performed before the request is made.Β Because the request is blind, an attacker cannot see the data directly, but can still: probe internal services, trigger internal actions, or gather other intelligence. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-29
Last Modified
2025-10-09
Generated
2026-05-07
AI Q&A
2025-09-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-34230
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application to 25.1.1413 (exc)
vasion virtual_appliance_host to 25.1.102 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-34230 is a blind Server-Side Request Forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application prior to certain versions. It occurs via the /var/www/app/console_release/hp/log_off_single_sign_on.php script, which allows an unauthenticated attacker to make the server send arbitrary HTTP requests to internal or external systems without validation or filtering. The attacker cannot see the response directly (blind SSRF) but can probe internal services, trigger internal actions, or gather intelligence. [1]


How can this vulnerability impact me? :

This vulnerability can allow an unauthenticated attacker to induce the vulnerable server to make arbitrary HTTP requests to internal network services or external systems. Although the attacker cannot see the response directly, they can use this to probe internal services, trigger internal actions, or gather sensitive intelligence. This could lead to further exploitation or information disclosure within the internal network. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can involve checking for access or attempts to access the vulnerable endpoint /var/www/app/console_release/hp/log_off_single_sign_on.php on affected Vasion Print (PrinterLogic) Virtual Appliance Hosts or Applications. Network monitoring tools or web server logs can be used to identify requests to this script. Specific commands are not provided in the resources. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Vasion Print Virtual Appliance Host to version 25.1.102 or later and the Application to version 25.1.1413 or later, as these versions contain the confirmed remediation. Additionally, restricting access to the vulnerable endpoint and monitoring for suspicious activity can help reduce risk until patching is complete. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart