7 matches found
EUVD-2025-18673
Malicious code in bioql PyPI...
CVE-2025-23172
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged ...
CVE-2025-23172
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged ...
CVE-2025-23169
CVE-2025-23169 affects the Versa Director SD-WAN orchestration platform. The vulnerability stems from unvalidated or unsanitized input used for UI customization (header, footer, logo), enabling a malicious user to inject and store cross-site scripting (XSS) payloads. Exploitation status across so...
PT-2025-26194 · Versa · Versa Director
Name of the Vulnerable Software and Affected Versions: Versa Director SD-WAN orchestration platform affected versions not specified Description: The Versa Director SD-WAN orchestration platform has a Webhook feature that can be abused by an authenticated user to send crafted HTTP requests to...
PT-2025-26197 · Versa · Versa Director Sd-Wan Orchestration Platform
Name of the Vulnerable Software and Affected Versions: Versa Director SD-WAN orchestration platform affected versions not specified Description: The issue concerns the Java code handling file uploads in the Versa Director SD-WAN orchestration platform, which contains an argument injection...
The vulnerability of the SD-WAN Versa Concerto automation and orchestration platform lies in the improper assignment of permissions for critical resources during the signature verification process. This allows attackers to execute arbitrary code and increase their privileges.
The vulnerability of the SD-WAN Versa Concerto automation and orchestration platform lies in the improper assignment of permissions for critical resources during the signature verification process. Exploiting this vulnerability allows attackers to execute arbitrary code and enhance their privileg...