3 matches found
Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched...
CVE-2025-34027 Versa Concerto Authentication Bypass File Write Remote Code Execution
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use TOCTOU write in combination...
CVE-2025-34027
Summary of CVE-2025-34027: Versa Concerto SD-WAN exposes an authentication bypass in the Traefik reverse proxy configuration, enabling unauthorized access to administrative endpoints. In addition, the Spack upload endpoint can trigger a TOCTOU race with path loading manipulation to achieve remote...