CVE-2025-34232
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-09
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | to 25.1.1413 (exc) |
| vasion | virtual_appliance_host | to 25.1.102 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34232 is a blind server-side request forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application prior to certain versions. It occurs via the /var/www/app/console_release/lexmark/dellCheck.php script, which allows an unauthenticated attacker to make the server send HTTP requests to arbitrary internal hosts without validation or filtering. Although the attacker cannot see the response data directly (blind SSRF), they can probe internal services, trigger internal actions, or gather intelligence about the internal network. [1]
How can this vulnerability impact me? :
This vulnerability can allow an unauthenticated attacker to probe internal network services, trigger internal actions, or gather intelligence about internal systems by abusing the server to send requests to internal hosts. While the attacker cannot directly see the response data, this can lead to information disclosure about internal infrastructure and potentially facilitate further attacks or exploitation of internal services. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can focus on monitoring requests to the vulnerable script /var/www/app/console_release/lexmark/dellCheck.php. You can check web server logs for unauthenticated access attempts to this endpoint. Additionally, network traffic analysis can look for unusual outbound HTTP requests originating from the appliance to internal hosts on port 80, especially requests matching the pattern /DevMgmt/DiscoveryTree.xml. Example commands include: 1) Using grep to find access attempts in logs: grep 'lexmark/dellCheck.php' /var/log/apache2/access.log 2) Using curl to test if the endpoint is accessible: curl -v http://<appliance-ip>/var/www/app/console_release/lexmark/dellCheck.php 3) Using tcpdump to monitor outbound requests from the appliance: tcpdump -i <interface> host <appliance-ip> and port 80 [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 25.1.102 or later and the Print Application to version 25.1.1413 or later, as these versions contain the confirmed remediation. If upgrading is not immediately possible, restrict network access to the vulnerable endpoint /var/www/app/console_release/lexmark/dellCheck.php by firewall rules or web server configuration to prevent unauthenticated external access. Additionally, monitor and block suspicious outbound HTTP requests from the appliance to internal hosts on port 80 to limit exploitation potential. [1]