Kwetsbaarheid verholpen in Cisco SD-WAN Manager

Cisco has identified a vulnerability in SD-WAN Manager, previously known as SD-WAN vManage. A malicious individual could exploit this vulnerability by uploading a specially crafted file to the affected system and thereby elevating their privileges to root user status. Cisco indicates that active...

CVE-2026-20245 Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-20245

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

PT-2026-46400

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description Insufficient validation of user-supplied input in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, allows an authenticated local attacker with netadmin...

CVE-2026-20129

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

EUVD-2026-8677

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

CVE-2026-20129

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

CVE-2026-20129

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

CVE-2026-20129 Cisco Catayst SD-WAN Authentication Bypass Vulnerability

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

CVE-2026-20129

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

CVE-2026-20129 Cisco Catayst SD-WAN Authentication Bypass Vulnerability

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...

PT-2026-21956

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 20.18 Description A flaw exists in the API user authentication of Cisco Catalyst SD-WAN Manager that could allow an unauthenticated, remote attacker to gain access to an affected system with...

Cisco Catalyst SD-WAN Manager（Cisco SD-WAN vManage） 授权问题漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is an authorization vulnerability in Cisco Catalyst SD-WAN Manager, which stems from improper API...

CVE-2024-9513

A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2024-48955

Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the return of this call is not encrypted and as the system does not validate the session authorization, an attacker can copy the content of the browser of a use...

CVE-2024-51026

The NetAdmin IAM system version 4.0.30319 has a Cross Site Scripting XSS vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field...

Exploit for Observable Discrepancy in Netadmin Netadmin_Iam

Exploit Title: CVE-2024-9513 - NetAdmin IAM Allows User Enumer...

Exploit for Observable Discrepancy in Netadmin Netadmin_Iam

Exploit Title: CVE-2024-9513 - NetAdmin IAM Allows User Enumer...

CVE-2024-51026

The NetAdmin IAM system version 4.0.30319 has a Cross Site Scripting XSS vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field...