CVE-2025-34232 is a server-side request forgery (SSRF) vulnerability affecting Vasion Print Virtual Appliance Host and Application versions prior to 25.1.102 and 25.1.1413 respectively. The vulnerability arises from a lack of authentication and insufficient input validation in the /var/www/app/console_release/lexmark/dellCheck.php script. Specifically, when a printer is registered, its hostname is stored in the variable $printer_vo->str_host_address. Later, the application constructs a URL in the form of 'http://<host-address>:80/DevMgmt/DiscoveryTree.xml' and issues a curl request to this URL without validating or restricting the host address. This allows an unauthenticated attacker to supply arbitrary hostnames, causing the server to send HTTP requests to internal or external network resources. Because the SSRF is blind, the attacker does not receive the response data directly but can still use the vulnerability to probe internal services, trigger internal actions, or gather intelligence about the internal network environment. The vulnerability is classified under CWE-306 (Missing Authentication for Critical Function) and CWE-918 (Server-Side Request Forgery). The CVSS 4.0 base score is 6.9 (medium severity), reflecting the network attack vector, no required privileges or user interaction, and limited impact on confidentiality and integrity. No public exploits are known, and the patch status is unclear though remediation has been confirmed. This vulnerability affects all versions prior to the specified patched releases in VA/SaaS deployments of Vasion Print Virtual Appliance Host.

For European organizations using Vasion Print Virtual Appliance Host, this SSRF vulnerability poses a significant risk to internal network security. Attackers can leverage the vulnerability to scan internal services that are otherwise inaccessible from the internet, potentially identifying vulnerable internal systems or services. They may also trigger unintended internal actions by accessing internal URLs, which could lead to further compromise or disruption. Although the SSRF is blind and does not directly expose data, it can be used as a reconnaissance tool to map internal network topology and identify targets for subsequent attacks. This is particularly concerning for organizations with sensitive internal infrastructure or regulatory requirements around data protection and network segmentation. Given that the vulnerability requires no authentication or user interaction, it can be exploited remotely by any attacker with network access to the appliance. The impact on confidentiality and integrity is limited but non-negligible, while availability impact is minimal. However, the potential for chained attacks leveraging this SSRF to pivot into more critical systems elevates the overall risk profile for affected European enterprises.

European organizations should immediately verify the version of their Vasion Print Virtual Appliance Host and Application deployments and upgrade to version 25.1.102 or later for the appliance and 25.1.1413 or later for the application where applicable. In the absence of immediate patching, network-level mitigations should be implemented, including strict egress filtering on the appliance host to restrict outbound HTTP requests only to trusted destinations. Internal network segmentation should be enforced to limit the appliance's ability to reach sensitive internal services. Additionally, monitoring and logging of outbound requests from the appliance should be enhanced to detect anomalous or unexpected connections indicative of SSRF exploitation attempts. Organizations should also review and restrict printer registration inputs to ensure only valid and authorized hostnames are accepted. Finally, coordinate with Vasion support to confirm patch availability and deployment timelines, and apply patches as soon as they are released.