Skip to main content

Sd Wan Vsmart Controller

5 CVEs product

Monthly

CVE-2026-20127 CRITICAL POC KEV THREAT CERT-EU Emergency

Cisco Catalyst SD-WAN Controller and Manager contain a critical authentication bypass (CVE-2026-20127, CVSS 10.0) in the peering authentication mechanism that allows unauthenticated remote attackers to obtain full administrative privileges. The vulnerability exists because peering authentication does not properly validate credentials, enabling any attacker with network access to take over the SD-WAN management plane and control the entire WAN fabric.

Cisco Authentication Bypass Sd Wan Vsmart Controller Catalyst Sd Wan Manager
NVD GitHub VulDB
CVSS 3.1
10.0
EPSS
2.6%
Threat
7.1
CVE-2022-20930 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vmanage +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20850 HIGH This Week

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Path Traversal Sd Wan Vbond Orchestrator Sd Wan Vmanage +3
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-20818 HIGH This Week

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Sd Wan Vbond Orchestrator Sd Wan Vmanage Sd Wan Vsmart Controller +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-20775 HIGH POC KEV THREAT This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cisco Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vedge Cloud +2
NVD GitHub
CVSS 3.1
7.8
EPSS
12.5%
EPSS 3% 7.1 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Cisco Catalyst SD-WAN Controller and Manager contain a critical authentication bypass (CVE-2026-20127, CVSS 10.0) in the peering authentication mechanism that allows unauthenticated remote attackers to obtain full administrative privileges. The vulnerability exists because peering authentication does not properly validate credentials, enabling any attacker with network access to take over the SD-WAN management plane and control the entire WAN fabric.

Cisco Authentication Bypass Sd Wan Vsmart Controller +1
NVD GitHub VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager +4
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Path Traversal +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Sd Wan Vbond Orchestrator +3
NVD
EPSS 12% CVSS 7.8
HIGH POC KEV THREAT This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cisco Catalyst Sd Wan Manager +4
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy