3 matches found
CVE-2025-23170
The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execu...
CVE-2025-23170
The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execu...
CVE-2025-23170
CVE-2025-23170 affects Versa Director SD-WAN. The flaw resides in the Shell-In-A-Box integration via the Python script shell-connect.py, which accepts a user argument vulnerable to command injection. A successful exploitation would allow an attacker to execute arbitrary commands on the Versa Dire...