CVE-2025-34232 is a server-side request forgery (SSRF) vulnerability affecting Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to 25.1.1413 in VA/SaaS deployments. The vulnerability exists in the /var/www/app/console_release/lexmark/dellCheck.php script, which is accessible without authentication. When a printer is registered, its hostname is stored in the variable $printer_vo->str_host_address. Later, the application constructs a URL using this hostname in the format 'http://<host-address>:80/DevMgmt/DiscoveryTree.xml' and makes a curl request to it without any validation, whitelisting, or filtering to restrict requests to private or internal networks. This lack of validation allows an unauthenticated attacker to supply arbitrary hostnames, causing the server to send HTTP requests to internal or external systems. Because the SSRF is blind, the attacker does not receive direct response data, but can still use the vulnerability to probe internal services, trigger internal actions, or gather intelligence about the internal network environment. The vulnerability stems from missing authentication controls on a critical function (CWE-306) and the SSRF weakness itself (CWE-918). The CVSS 4.0 base score is 6.9, indicating a medium severity with network attack vector, no privileges or user interaction required, and limited impact on confidentiality and integrity. Although a patch exists, the exact patch release date is unclear, and no known exploits have been reported in the wild to date.

For European organizations, this vulnerability poses a risk of internal network reconnaissance and potential indirect exploitation of internal services. Attackers can leverage the SSRF to map internal infrastructure, identify vulnerable services, or trigger unintended actions on internal hosts, which could lead to further compromise or data leakage. Since the vulnerability requires no authentication and no user interaction, it can be exploited remotely by unauthenticated attackers, increasing the attack surface. Organizations using Vasion Print Virtual Appliance Hosts in their print infrastructure could see disruption or compromise of internal network confidentiality and integrity. While direct data exfiltration is limited due to the blind nature of the SSRF, the ability to probe internal services can facilitate lateral movement or targeted attacks. This is particularly concerning for organizations with sensitive internal networks or critical print infrastructure integrated with other enterprise systems.

European organizations should immediately verify their Vasion Print Virtual Appliance Host and Application versions and upgrade to version 25.1.102 or later for the appliance and 25.1.1413 or later for the application as soon as patches are available. Until patched, organizations should restrict network access to the vulnerable appliance, limiting inbound connections to trusted management networks only. Implement network-level filtering to block outbound HTTP requests from the appliance to untrusted or internal IP ranges to mitigate SSRF exploitation. Monitor logs for unusual requests to the vulnerable PHP script path and any unexpected outbound connections initiated by the appliance. Employ web application firewalls (WAFs) with custom rules to detect and block SSRF attempts targeting the dellCheck.php endpoint. Conduct internal network segmentation to isolate print infrastructure from critical systems, reducing the impact of potential SSRF exploitation. Finally, coordinate with Vasion support to confirm patch availability and deployment timelines and maintain awareness of any emerging exploit reports.