Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-34203— Vasion Print (formerly PrinterLogic) Use of Outdated, End-Of-Life, and Vulnerable Third-Party Components

EPSS 0.18% · P39
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-34203

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Vasion Print (formerly PrinterLogic) Use of Outdated, End-Of-Life, and Vulnerable Third-Party Components
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components (examples: Nginx 1.17.x, OpenSSL 1.1.1d, various EOL Alpine/Debian/Ubuntu base images, and EOL Laravel/PHP libraries). These components are present across many container images and increase the product's attack surface, enabling exploitation chains when leveraged by an attacker. Multiple distinct EOL versions and unpatched libraries across containers; Nginx binaries date from 2019 in several images and Laravel versions observed include EOL releases (for example Laravel 5.5.x, 5.7.x, 5.8.x). This vulnerability has been identified by the vendor as: V-2024-014 — Outdated Dependencies.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1395
Source: NVD (National Vulnerability Database)
Vulnerability Title
Vasion Print和Vasion Print Virtual Appliance Host 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Vasion Print和Vasion Print Virtual Appliance Host都是Vasion公司的产品。Vasion Print是一款基于 SaaS 的云托管应用程序,用于管理和部署打印机。Vasion Print Virtual Appliance Host是一个打印管理软件。 Vasion Print Virtual Appliance Host 22.0.1002之前版本和Vasion Print Application 20.0.2614之前版本存在安全漏洞,该漏洞源于包含多个
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
VasionPrint Virtual Appliance Host * ~ 22.0.1002 -
VasionPrint Application * ~ 20.0.2614 -

II. Public POCs for CVE-2025-34203

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-34203

登录查看更多情报信息。

Same Patch Batch · Vasion · 2025-09-19 · 18 CVEs total

CVE-2025-34195Vasion Print (formerly PrinterLogic) Unquoted Path During Driver Installation Leads to Exe
CVE-2025-34190Vasion Print (formerly PrinterLogic) PrinterInstallerClientService Authentication Bypass v
CVE-2025-34191Vasion Print (formerly PrinterLogic) Arbitrary File Write as Root via Response Path Symlin
CVE-2025-34188Vasion Print (formerly PrinterLogic) Local Log Disclosure of Cleartext Sessions
CVE-2025-34205Vasion Print (formerly PrinterLogic) Dangerous PHP Dead Code Enables RCE
CVE-2025-34199Vasion Print (formerly PrinterLogic) Insecure SSL Verification Allows Man-in-the-Middle At
CVE-2025-34193Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protec
CVE-2025-34201Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances
CVE-2025-34198Vasion Print (formerly PrinterLogic) Shared / Hardcoded SSH Host Private Keys in Appliance
CVE-2025-34200Vasion Print (formerly PrinterLogic) Network Account Password Stored in Cleartext
CVE-2025-34197Vasion Print (formerly PrinterLogic) Undocumented Local Account with Hardcoded Password an
CVE-2025-34194Vasion Print (formerly PrinterLogic) Local Privilege Escalation via Insecure Temporary Fil
CVE-2025-34204Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances
CVE-2025-34206Vasion Print (formerly PrinterLogic) Insecure Shared Storage Permissions
CVE-2025-34192Vasion Print (formerly PrinterLogic) Usage of Outdated and Unsupported OpenSSL Version
CVE-2025-34189Vasion Print (formerly PrinterLogic) Insecure Inter-Process Communication Allows Local Ses
CVE-2025-34202Vasion Print (formerly PrinterLogic) Insecure Access to Docker Instances WAN

IV. Related Vulnerabilities

Same product: Print Virtual Appliance Host
Same vendor: Vasion
Same weakness: CWE-1395

V. Comments for CVE-2025-34203

No comments yet

Leave a comment