Skip to main content

PHP CVE-2025-34208

| EUVD-2025-32644 HIGH
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
2025-10-02 disclosure@vulncheck.com
PHP Information Disclosure Virtual Appliance Application Virtual Appliance Host
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 13, 2026 - 19:12 euvd
EUVD-2025-32644
Analysis Generated
Mar 13, 2026 - 19:12 vuln.today
PoC Detected
Oct 09, 2025 - 19:17 vuln.today
Public exploit code
CVE Published
Oct 02, 2025 - 17:16 nvd
HIGH 7.5

DescriptionNVD

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's hash() function in multiple files (server_write_requests_users.php, update_database.php, legacy/Login.php, tests/Unit/Api/IdpControllerTest.php). No per-user salt is used and the fast hash algorithms are unsuitable for password storage. An attacker who obtains the password database can recover cleartext passwords via offline dictionary or rainbow table attacks. The vulnerable code also contains logic that migrates legacy SHA-1 hashes to SHA-512 on login, further exposing users still on the old hash. This vulnerability was partially resolved, but still present within the legacy authentication platform.

Analysis

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's hash() function in multiple files (server_write_requests_users.php, update_database.php, legacy/Login.php, tests/Unit/Api/IdpControllerTest.php). No per-user salt is used and the fast hash algorithms are unsuitable for password storage. An attacker who obtains the password database can recover cleartext passwords via offline dictionary or rainbow table attacks. The vulnerable code also contains logic that migrates legacy SHA-1 hashes to SHA-512 on login, further exposing users still on the old hash. This vulnerability was partially resolved, but still present within the legacy authentication platform.

Technical ContextAI

This vulnerability is classified as Use of a Broken or Risky Cryptographic Algorithm (CWE-327).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

Share

CVE-2025-34208 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy