CVE-2025-34200
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.
Vendor
Product
CWE
Yayın Tarihi
2025-09-19 19:15:40
Güncelleme
2025-09-24 19:18:22
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-
Kategoriler
Referanslar
https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm
https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm
https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password
https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext