Aggregates CVE and security vulnerability intelligence across all PrinterLogic-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-27645 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Insecure Extension Installation by Trusting HTTP Permission Methods on the Server Side V-2024-005. | [email protected] | 9.8 | 0.83% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27644 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Local Privilege Escalation V-2024-007. | [email protected] | 7.8 | 0.21% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27643 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006. | [email protected] | 9.8 | 0.83% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27642 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008. | [email protected] | 9.8 | 0.83% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27641 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368 allows Unauthenticated APIs for Single-Sign On V-2024-009. | [email protected] | 9.8 | 0.83% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27640 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows SQL Injection V-2024-012. | [email protected] | 9.8 | 0.68% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27639 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Privilege Escalation V-2024-015. | [email protected] | 8.8 | 0.72% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27638 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Hardcoded Password V-2024-013. | [email protected] | 9.8 | 0.83% | 2025-03-05 | 2026-06-17 |
| CVE-2025-27637 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Cross-Site Scripting V-2024-016. | [email protected] | 6.1 | 0.48% | 2025-03-05 | 2026-06-17 |
| CVE-2022-32427 | PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. This issue has been resolved in PrinterLogic Windows Client 25.0.0688 and all affected are advised to upgrade. | [email protected] | 8.8 | 1.32% | 2022-08-24 | 2026-06-17 |
| CVE-2021-42642 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer. | [email protected] | 7.5 | 1.39% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42641 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users. | [email protected] | 7.5 | 2.06% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42640 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer. | [email protected] | 9.1 | 2.06% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42639 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization. | [email protected] | 6.1 | 1.15% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42637 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability. | [email protected] | 9.8 | 2.27% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42633 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records. | [email protected] | 5.3 | 2.01% | 2022-02-02 | 2026-06-17 |
| CVE-2021-42638 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution. | [email protected] | 8.1 | 5.66% | 2022-02-01 | 2026-06-17 |
| CVE-2021-42635 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution. | [email protected] | 8.1 | 5.70% | 2022-01-31 | 2026-06-17 |
| CVE-2021-42631 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution. | [email protected] | 8.1 | 6.32% | 2022-01-31 | 2026-06-17 |
| CVE-2019-9505 | The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges. | [email protected] | 9.8 | 3.45% | 2019-05-08 | 2026-06-16 |