CVE-2025-9269

Published: Sep 9, 2025

Modified: Sep 29, 2025

PUBLISHED

Description

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerability can lead to internal network access / potential data disclosure from a device.

Vendor	Product	Versions
Lexmark	CX, XC, CS, MS, MX, XM, et. al.	affected `0 - <= CXTLS.250.199` affected `0 - <= MXTLS.250.199` affected `0 - <= CSTLS.250.199` affected `0 - <= MSNSN.250.199` affected `0 - <= MSTSN.250.199` +54 more versions

Weaknesses (CWE)

CWE-918

References

https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-9269

Description

Affected Products

Weaknesses (CWE)

References