Skip to main content

Unity Edgeconnect Sd Wan Firmware

7 CVEs product

Monthly

CVE-2019-16105 MEDIUM This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
4.9
EPSS
1.7%
CVE-2019-16104 MEDIUM POC This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-16103 HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
7.2
EPSS
1.8%
CVE-2019-16102 CRITICAL Act Now

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-16101 MEDIUM This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
5.3
EPSS
1.5%
CVE-2019-16100 HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-16099 HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
EPSS 2% CVSS 4.9
MEDIUM This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 2% CVSS 7.2
HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Unity Edgeconnect Sd Wan Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy