CVE-2025-34231
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-10-09

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102Β and Application prior to version 25.1.1413Β (VA/SaaS deployments) contain a blind and non-blind server-side request forgery (SSRF) vulnerability. The '/var/www/app/console_release/hp/badgeSetup.php' script is reachable from the Internet without any authentication and builds URLs from user‑controlled parameters before invoking either the custom processCurl() function or PHP’s file_get_contents(); in both cases the hostname/URL is taken directly from the request with no whitelist, scheme restriction, IP‑range validation, or outbound‑network filtering. Consequently, any unauthenticated attacker can force the server to issue arbitrary HTTP requests to internal resources. This enables internal network reconnaissance, credential leakage, pivoting, and data exfiltration.Β This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-29
Last Modified
2025-10-09
Generated
2026-06-16
AI Q&A
2025-09-29
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34231
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application to 25.1.1413 (exc)
vasion virtual_appliance_host to 25.1.102 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-34231 is a Server-Side Request Forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application prior to certain versions. The vulnerability exists in the '/var/www/app/console_release/hp/badgeSetup.php' script, which is accessible from the Internet without authentication. This script builds URLs from user-controlled parameters and then makes HTTP requests without validating or restricting the destination. As a result, an unauthenticated attacker can make the server send arbitrary HTTP requests to internal network resources, potentially leading to internal network reconnaissance, credential leakage, pivoting, and data exfiltration. [1]

Impact Analysis

This vulnerability can allow an unauthenticated attacker to force the vulnerable server to make arbitrary HTTP requests to internal resources. This can lead to internal network reconnaissance, leakage of credentials, pivoting to other systems within the network, and exfiltration of sensitive data. The impact is high on confidentiality and can compromise internal network security. [1]

Detection Guidance

Detection can involve checking if the vulnerable script '/var/www/app/console_release/hp/badgeSetup.php' is accessible from the Internet without authentication. You can use tools like curl or wget to test access, for example: curl -v http://<target>/var/www/app/console_release/hp/badgeSetup.php. Additionally, monitoring outbound HTTP requests from the server to internal resources may indicate exploitation attempts. However, no specific detection commands are provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 25.1.102 or later, and the Application to version 25.1.1413 or later, as these versions contain the confirmed remediation. Until patching is possible, restrict external access to the vulnerable script path and implement network-level controls to block unauthorized outbound HTTP requests from the server to internal resources. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34231. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart