CVE-2025-9269 - Vulnerability Details - OpenCVE

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html

History

Tue, 09 Sep 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device.
Title		Server-Side Request Forgery (SSRF) vulnerability found in embedded web server
Weaknesses		CWE-918
References		https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html
Metrics		cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: Lexmark

Published: 2025-09-09T17:21:36.589Z

Updated: 2025-09-09T18:36:21.085Z

Reserved: 2025-08-20T15:10:24.655Z

Link: CVE-2025-9269

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-09T18:15:36.993

Modified: 2025-09-09T18:15:36.993

Link: CVE-2025-9269

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9269", "assignerOrgId": "7bc73191-a2b6-4c63-9918-753964601853", "state": "PUBLISHED", "assignerShortName": "Lexmark", "dateReserved": "2025-08-20T15:10:24.655Z", "datePublished": "2025-09-09T17:21:36.589Z", "dateUpdated": "2025-09-09T18:36:21.085Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["webserver"], "product": "CX, XC, CS, MS, MX, XM, et. al.", "vendor": "Lexmark", "versions": [{"changes": [{"at": "CXTLS.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTLS.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTLS.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTLS.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTLS.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTLS.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSNSN.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSNSN.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSTSN.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSTSN.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTSN.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTSN.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSNGV.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSNGV.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTGV.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTGV.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTGV.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTGV.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTPC.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTPC.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTPC.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTPC.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTCT.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTCT.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTPM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTPM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTMM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTMM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTMM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTMM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSNGM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSNGM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSTGM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSTGM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXNGM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXNGM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTGM.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTGM.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSNGW.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSNGW.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSTGW.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MSTGW.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXTGW.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "MXTGW.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTZJ.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTZJ.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSNZJ.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CSNZJ.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTZJ.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTZJ.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXNZJ.240.206 and later", "status": "unaffected"}], "lessThanOrEqual": "CXNZJ.240.205", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSLSG.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "MSLSG.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXLSG.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "MXLSG.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MSLBD.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "MSLBD.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "MXLBD.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "MXLBD.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSLBN.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CSLBN.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSLBL.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CSLBL.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXLBN.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CXLBN.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXLBL.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CXLBL.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTPP.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTPP.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTPP.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTPP.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTAT.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTAT.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTAT.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTAT.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CSTMH.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CSTMH.240.407", "status": "affected", "version": "0", "versionType": "custom"}, {"changes": [{"at": "CXTMH.240.408 and later", "status": "unaffected"}], "lessThanOrEqual": "CXTMH.240.407", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Chen Independent Security Researcher"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device."}], "value": "A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server.\u00a0Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device."}], "impacts": [{"capecId": "CAPEC-101", "descriptions": [{"lang": "en", "value": "CAPEC-101 Server Side Include (SSI) Injection"}]}, {"capecId": "CAPEC-33", "descriptions": [{"lang": "en", "value": "CAPEC-33: HTTP Request Smuggling"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7bc73191-a2b6-4c63-9918-753964601853", "shortName": "Lexmark", "dateUpdated": "2025-09-09T17:21:36.589Z"}, "references": [{"url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Server-Side Request Forgery (SSRF) vulnerability found in embedded web server", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-09T17:43:57.556819Z", "id": "CVE-2025-9269", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-09T18:36:21.085Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server.\u00a0Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device."}], "id": "CVE-2025-9269", "lastModified": "2025-09-09T18:15:36.993", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "7bc73191-a2b6-4c63-9918-753964601853", "type": "Secondary"}]}, "published": "2025-09-09T18:15:36.993", "references": [{"source": "7bc73191-a2b6-4c63-9918-753964601853", "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"}], "sourceIdentifier": "7bc73191-a2b6-4c63-9918-753964601853", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "7bc73191-a2b6-4c63-9918-753964601853", "type": "Secondary"}]}