Lucene search
K

17 matches found

Metasploit
Metasploit
added 2026/05/15 7:1 p.m.142 views

Cisco Catalyst SD-WAN Controller vHub Authentication Bypass

This module exploits an authentication bypass vulnerability CVE-2026-20182 in the Cisco Catalyst SD-WAN Controller. The vdaemon DTLS control-plane service performs no certificate or credential verification for connecting peers that claim to be a vHub device type 2. The vbondprocchallengeack...

10CVSS6.1AI score0.83838EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/05/15 2:7 p.m.61 views

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20182 Cisco Catalyst SD-WAN Controller / Manager Aut...

10CVSS6.1AI score0.83838EPSS
Exploits4
EUVD
EUVD
added 2026/05/14 4:8 p.m.7 views

EUVD-2026-30324

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.1AI score0.83838EPSS
Exploits4References2
CVE
CVE
added 2026/05/14 4:8 p.m.135 views

CVE-2026-20182

Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) are affected by CVE-2026-20182, a critical authentication bypass in the DTLS vdaemon challenge flow. The issue permits a remote, unauthenticated attacker to masquerade as a trusted peer by sending a CHALLENGE_ACK with device t...

10CVSS5.9AI score0.83838EPSS
In wildExploits4References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.3 views

CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS5.9AI score0.83838EPSS
In wildExploits4References4Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:8 p.m.37 views

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS0.83838EPSS
Exploits4References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.20 views

VulnCheck KEV: CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS5.9AI score0.83838EPSS
In wildExploits4References6
RedhatCVE
RedhatCVE
added 2026/02/26 10:34 p.m.4 views

CVE-2026-20127

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS5.8AI score0.54797EPSS
Exploits9References1
The Hacker News
The Hacker News
added 2026/02/26 6:13 a.m.16 views

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller formerly vSmart and Catalyst SD-WAN Manager formerly vManage has come under active exploitation in the wild as part of malicious activity that dates back to 2023. The vulnerability, tracked as CVE-2026-20127 CVSS...

10CVSS7.2AI score0.54797EPSS
Exploits10
OSV
OSV
added 2026/02/25 5:25 p.m.3 views

CVE-2026-20127

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS5.8AI score0.54797EPSS
Exploits9References2
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:14 p.m.5 views

CVE-2026-20127

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS7.8AI score0.54797EPSS
In wildExploits10References3Affected Software1
Cvelist
Cvelist
added 2026/02/25 4:14 p.m.25 views

CVE-2026-20127 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS0.54797EPSS
Exploits9References1
Vulnrichment
Vulnrichment
added 2026/02/25 4:14 p.m.5 views

CVE-2026-20127 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS5.8AI score0.54797EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
added 2026/02/25 12:0 a.m.2 views

VulnCheck KEV: CVE-2026-20127

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...

10CVSS5.9AI score0.54797EPSS
In wildExploits9References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11333

Malware in sbrugna...

9CVSS8.8AI score0.00297EPSS
Exploits0References2
Cisco
Cisco
added 2023/09/13 4:0 p.m.6 views

Cisco IOS XR Software Model-Driven Programmability Behavior with AAA Authorization

Cisco IOS XR Software supports a programmatic way of configuring and collecting operational data on a network device using data models. Data models provide access to the capabilities of the devices in a network using NETCONF or gRPC. According to Cisco IOS XR Software configuration guides, if...

7.3AI score
Exploits0References1
CVE
CVE
added 2019/03/27 8:4 p.m.44 views

CVE-2018-19648

The CVE-2018-19648 entry concerns ADTRAN PMAA versions 1.6.2-1, 1.6.3, and 1.6.4. The root cause is a flaw in NETCONF Access Management (NACM) that lets unprivileged users create privileged accounts and run arbitrary commands through the diagnostic-profile over RESTCONF. Impact, per the sources, ...

9CVSS8.8AI score0.00297EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder