VYPR

Virtual Appliance Host

by Vasion

CVEs (78)

  • CVE-2025-27642CriMar 5, 2025
    risk 0.64cvss 9.8epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008.

  • CVE-2025-27641CriMar 5, 2025
    risk 0.64cvss 9.8epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368 allows Unauthenticated APIs for Single-Sign On V-2024-009.

  • CVE-2025-27640CriMar 5, 2025
    risk 0.64cvss 9.8epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows SQL Injection V-2024-012.

  • CVE-2025-27638CriMar 5, 2025
    risk 0.64cvss 9.8epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Hardcoded Password V-2024-013.

  • CVE-2025-27673CriMar 5, 2025
    risk 0.59cvss 9.1epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cookie Returned in Response Body OVE-20230524-0017.

  • CVE-2025-27661CriMar 5, 2025
    risk 0.59cvss 9.1epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Session Fixation OVE-20230524-0004.

  • CVE-2025-27683HigMar 5, 2025
    risk 0.57cvss 8.8epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Driver Unrestricted Upload of File with Dangerous Type V-2022-006.

  • CVE-2025-27664HigMar 5, 2025
    risk 0.57cvss 8.8epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008.

  • CVE-2025-27644HigMar 5, 2025
    risk 0.51cvss 7.8epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Local Privilege Escalation V-2024-007.

  • CVE-2025-27685HigMar 5, 2025
    risk 0.49cvss 7.5epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.

  • CVE-2025-27684HigMar 5, 2025
    risk 0.49cvss 7.5epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Debug Bundle Contains Sensitive Data V-2022-003.

  • CVE-2025-27669HigMar 5, 2025
    risk 0.49cvss 7.5epss 0.01

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013.

  • CVE-2025-27654MedMar 5, 2025
    risk 0.40cvss 6.1epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Cross Site Scripting (XSS) V-2023-017.

  • CVE-2025-27653MedMar 5, 2025
    risk 0.40cvss 6.1epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Preauthenticated Cross Site Scripting (XSS): Badge Registration V-2023-012.

  • CVE-2025-27637MedMar 5, 2025
    risk 0.40cvss 6.1epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Cross-Site Scripting V-2024-016.

  • CVE-2025-27660MedMar 5, 2025
    risk 0.35cvss 5.4epss 0.00

    Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross Site Scripting OVE-20230524-0003.

  • CVE-2025-34205Sep 19, 2025
    risk 0.01cvss epss 0.01

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (VA and SaaS deployments) contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php (found…

  • CVE-2025-34210Oct 2, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store a large number of sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) in cleartext files that are world-readable. Any…

  • CVE-2025-34208Oct 2, 2025
    risk 0.00cvss epss 0.00

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's `hash()` function in multiple files…

  • CVE-2025-34217Sep 30, 2025
    risk 0.00cvss epss 0.01

    Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) contain an undocumented 'printerlogic' user with a hardcoded SSH public key in '~/.ssh/authorized_keys' and a sudoers rule granting the printerlogic_ssh group 'NOPASSWD: ALL'.…