CVE-2025-34202

HIGH EPSS 55.7%
Published Sep 19, 20259mo ago · Modified Jun 17, 20262w ago
8.7 CVSS 4.0
High
Find Similar
Published Sep 19, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.2.169 and Application prior to 25.2.1518 (VA and SaaS deployments) expose Docker internal networks in a way that allows an attacker on the same external L2 segment — or an attacker able to add routes using the appliance as a gateway — to reach container IPs directly. This grants access to internal services (HTTP APIs, Redis, MySQL, etc.) that are intended to be isolated inside the container network. Many of those services are accessible without authentication or are vulnerable to known exploitation chains. As a result, compromise of a single reachable endpoint or basic network access can enable lateral movement, remote code execution, data exfiltration, and full system compromise. This vulnerability has been identified by the vendor as: V-2025-003 — Insecure Access to Docker Instance from WAN.

CVSS Details

Base Score
8.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
55.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-291

Affected Products 2

VendorProductVersionRange
vasionvirtual_appliance_application* <25.1.1413
vasionvirtual_appliance_host* <25.2.169

References 4

  • help.printerlogic.com https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm
    Vendor Advisory
  • help.printerlogic.com https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm
    Vendor Advisory
  • pierrekim.github.io https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-insecure-access-docker-instances-from-wan
    ExploitThird Party Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-access-to-docker-instances-wan
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.