Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:18 a.m.4 views

CVE-2025-23168

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication 2FA using One-Time Passcodes OTP delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the O...

8.8CVSS7.4AI score0.00315EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-18669

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00315EPSS
Exploits0References5
ICS
ICSadded 2025/07/02 8:57 p.m.5 views

Versa Networks Versa Director multiple vulnerabilities

RISK EVALUATION Versa Networks Versa Director contains a variety of vulnerabilities. In the most severe cases, a remote, unauthenticated attacker could execute arbitrary code with administrative privileges. 2. RECOMMENDED PRACTICES Upgrade to fixed versions of Versa Director. See...

8.6AI score
Exploits0References5
NVD
NVDadded 2025/06/19 12:15 a.m.4 views

CVE-2025-23168

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication 2FA using One-Time Passcodes OTP delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the O...

8.8CVSS0.00315EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/06/18 11:30 p.m.4 views

CVE-2025-23168

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication 2FA using One-Time Passcodes OTP delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the O...

6.3CVSS7.4AI score0.00315EPSS
Exploits0References5
CVE
CVEadded 2025/06/18 11:30 p.m.13 views

CVE-2025-23168

The CVE-2025-23168 entry describes a vulnerability in Versa Director SD-WAN’s 2FA via OTP over email/SMS. The authenticated attacker can abuse untrusted input when dispatching OTPs to redirect delivery to their device, enabling interception of codes. OTP/TOTP codes are not invalidated after use, ...

8.8CVSS6.5AI score0.00315EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2025/06/18 11:30 p.m.7 views

CVE-2025-23168

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication 2FA using One-Time Passcodes OTP delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the O...

6.3CVSS0.00315EPSS
Exploits0References5
Krebs on Security
Krebs on Securityadded 2024/09/02 4:46 p.m.14 views

Owners of 1-Time Passcode Theft Service Plead Guilty

Three men in the United Kingdom have pleaded guilty to operating otp.agency , a once popular online service that helped attackers intercept the one-time passcodes OTPs that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was ...

7.2AI score
Exploits0
Rows per page
Query Builder