30 matches found
VMware NSX SD-WAN Edge - Command Injection
VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...
EUVD-2020-6742
Malware in sbrugna...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
The vulnerability of the user interface of the Edge Router microprogramming software for devices in the VMware SD-WAN Edge and VMware SD-WAN Orchestrator software platform for managing programmatically configurable networks allows a perpetrator to execute arbitrary commands.
The vulnerability of the Edge Router user interface of microprogramming software in VMware SD-WAN Edge and the VMware SD-WAN Orchestrator platform for managing programmatically configurable networks is related to the failure to eliminate special elements used in operating systems commands...
CVE-2024-22247
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
CVE-2024-22247
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
PT-2024-3861 · Vmware · Vmware Sd-Wan Edge
Name of the Vulnerable Software and Affected Versions: VMware SD-WAN Edge affected versions not specified Description: The issue is related to a missing authentication and protection mechanism in the VMware SD-WAN Edge appliance. A malicious actor with physical access to the appliance during...
The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices allows a hacker to bypass security restrictions and gain access to read, modify, or delete data.
The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain read, modify, or delete access to data by downloading the...
CVE-2023-20899
VMware SD-WAN Edge contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management...
Oracle MySQL Enterprise Monitor (Apr 2023 CPU)
The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the MySQL Workbench product of Oracle MySQL component: Workbench OpenSSL. Supported versions that are affected are 8.0.32...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
CVE-2020-14606
CVE-2020-14606 affects Oracle SD-WAN Edge (Oracle Communications Applications) — component: User Interface. Affected versions are 8.2 and 9.0. The issue is exploitable by an unauthenticated attacker with network access over HTTP to compromise the appliance, potentially leading to takeover of Orac...
VMware NSX SD-WAN Edge Remote Code Execution (CVE-2018-6961)
A remote code execution vulnerability exists in VMware NSX SD-WAN Edge . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...