Skip to main content

Sd Wan Firmware

37 CVEs product

Monthly

CVE-2021-1241 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Ios Xe Sd Wan Sd Wan Firmware +3
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-1233 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Firmware Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2021-1305 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ios Xe Sd Wan Sd Wan Firmware Sd Wan Vsmart Controller Firmware +1
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2021-1301 CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Ios Xe Sd Wan Sd Wan Firmware Sd Wan Vsmart Controller Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-1300 CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Ios Xe Sd Wan Sd Wan Firmware Sd Wan Vsmart Controller Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-1299 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2021-1298 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2021-1279 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Ios Xe Sd Wan Sd Wan Firmware +3
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2021-1278 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Ios Xe Sd Wan Sd Wan Firmware +3
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-1274 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Ios Xe Sd Wan Sd Wan Firmware +3
NVD
CVSS 3.1
8.6
EPSS
1.9%
CVE-2021-1273 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Ios Xe Sd Wan Sd Wan Firmware +3
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2021-1263 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-1262 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-1261 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-1260 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware Sd Wan Vsmart Controller Firmware Catalyst Sd Wan Manager +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-3468 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Firmware
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2020-3437 MEDIUM POC This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Sd Wan Firmware
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2020-3406 MEDIUM This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Sd Wan Firmware
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-3405 HIGH This Week

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XXE Sd Wan Firmware
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2020-3401 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Firmware
NVD
CVSS 3.1
6.5
EPSS
2.6%
CVE-2020-3388 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-3387 HIGH POC THREAT This Week

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Sd Wan Firmware
NVD
CVSS 3.1
8.8
EPSS
13.0%
CVE-2020-3385 MEDIUM This Month

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware Vedge Cloud Router
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-3381 HIGH This Week

A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Firmware
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2020-3379 HIGH This Week

A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware Vbond Orchestrator Vsmart Controller
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-3378 MEDIUM This Month

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Firmware
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-3372 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-3369 HIGH This Week

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware Vedge Cloud Router
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-3351 HIGH This Week

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware Vedge Cloud Router Vsmart Controller
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2020-3266 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-3265 HIGH This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-3264 HIGH POC This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Sd Wan Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.7%
CVE-2020-3115 HIGH This Week

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2019-16002 MEDIUM This Month

A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Sd Wan Firmware
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2019-1951 MEDIUM This Month

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Sd Wan Firmware
NVD
CVSS 3.1
5.8
EPSS
1.5%
CVE-2019-1626 HIGH This Week

A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Sd Wan Firmware
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2019-1625 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +5
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Firmware +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ios Xe Sd Wan +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Ios Xe Sd Wan +4
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Ios Xe Sd Wan +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +5
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +5
NVD
EPSS 2% CVSS 8.6
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +5
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware +3
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Firmware
NVD
EPSS 3% CVSS 6.5
MEDIUM POC This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Sd Wan Firmware
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Sd Wan Firmware
NVD
EPSS 1% CVSS 7.3
HIGH This Week

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XXE Sd Wan Firmware
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Firmware
NVD
EPSS 13% CVSS 8.8
HIGH POC THREAT This Week

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Sd Wan Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Sd Wan Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Sd Wan Firmware
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Sd Wan Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Sd Wan Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Sd Wan Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy