CVE-2025-34206

Name of the Vulnerable Software and Affected Versions Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) (affected versions not specified)

Description The Vasion Print Virtual Appliance Host and Application has overly-permissive filesystem permissions for files under /var/www/efs storage within Docker containers. These files include sensitive data such as secrets.env, GPG-encrypted blobs in .secrets, MySQL client keys, and application session files. An attacker gaining control or access to any container can read or modify these artifacts, potentially leading to credential theft, Remote Code Execution (RCE) via the Laravel APP KEY, Portainer takeover, and full system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.