45 matches found
Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager
🚨 CVE-2026-20245 - Cisco Catalyst SD-WAN Manager Privilege Esc...
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation (cisco-sa-sdwan-privesc-4uxFrdzx)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD- WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly...
Kwetsbaarheid verholpen in Cisco SD-WAN Manager
Cisco has identified a vulnerability in SD-WAN Manager, previously known as SD-WAN vManage. A malicious individual could exploit this vulnerability by uploading a specially crafted file to the affected system and thereby elevating their privileges to root user status. Cisco indicates that active...
VulnCheck KEV: CVE-2026-20245
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...
CVE-2026-20245 Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...
CVE-2026-20245
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...
PT-2026-46400
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Controller affected versions not specified Cisco Catalyst SD-WAN Manager affected versions not specified Cisco Catalyst SD-WAN Validator affected versions not specified Description A flaw in the Command Line Interface CLI...
CVE-2026-20129
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
EUVD-2026-8677
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2026-20129
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2026-20129
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2026-20129 Cisco Catayst SD-WAN Authentication Bypass Vulnerability
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2026-20129
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2026-20129 Cisco Catayst SD-WAN Authentication Bypass Vulnerability
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
PT-2026-21956
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 20.18 Description A flaw exists in the API user authentication of Cisco Catalyst SD-WAN Manager that could allow an unauthenticated, remote attacker to gain access to an affected system with...
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 授权问题漏洞
Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is an authorization vulnerability in Cisco Catalyst SD-WAN Manager, which stems from improper API...
CVE-2024-9513
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-48955
Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the return of this call is not encrypted and as the system does not validate the session authorization, an attacker can copy the content of the browser of a use...
CVE-2024-51026
The NetAdmin IAM system version 4.0.30319 has a Cross Site Scripting XSS vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field...