Lucene search
K

6304 matches found

EUVD
EUVD
added 2026/05/14 4:8 p.m.7 views

EUVD-2026-30327

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 4:8 p.m.30 views

CVE-2026-20209

Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) web UI vulnerability allows an authenticated, read-only user to elevate to a high-privilege role and take actions as a high-privileged user. Root cause: sensitive session information is logged in audit logs. Impact: privilege escalation with...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:8 p.m.68 views

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS0.88496EPSS
Exploits4References2
CVE
CVE
added 2026/05/14 4:8 p.m.175 views

CVE-2026-20182

Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) are affected by CVE-2026-20182, a critical authentication bypass in the DTLS vdaemon challenge flow. The issue permits a remote, unauthenticated attacker to masquerade as a trusted peer by sending a CHALLENGE_ACK with device t...

10CVSS6.2AI score0.88496EPSS
In wildExploits4References3Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.9 views

CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS5.9AI score0.88496EPSS
In wildExploits4References4Affected Software1
Talos Blog
Talos Blog
added 2026/05/14 4:2 p.m.9 views

Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage. Successful exploitation of CVE-2026-20182 allows an unauthenticated,...

10CVSS7.6AI score0.88496EPSS
Exploits13
Cisco
Cisco
added 2026/05/14 4:0 p.m.42 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

10CVSS6.2AI score0.88496EPSS
Exploits4References1
Rapid7 Blog
Rapid7 Blog
added 2026/05/14 4:0 p.m.15 views

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller formerly known as vSmart, CVE-2026-20182. This new authentication...

10CVSS6.6AI score0.88496EPSS
Exploits4
CISA
CISA
added 2026/05/14 12:0 p.m.37 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20182link is external Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicio...

10CVSS6.1AI score0.88496EPSS
In wildExploits4References9
RedhatCVE
RedhatCVE
added 2026/05/14 8:21 a.m.12 views

CVE-2026-34963

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

8.6CVSS6.3AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.14 views

Cisco Catalyst SD-WAN Manager和Cisco Catalyst SD-WAN Controller 授权问题漏洞

Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage and Cisco Catalyst SD-WAN Controller are both products of the American company Cisco. Cisco Catalyst SD-WAN Manager is a highly customizable dashboard that can simplify and automate the deployment, configuration, management, and operation of Cisc...

10CVSS6.1AI score0.88496EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40960

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.29 views

VulnCheck KEV: CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.2AI score0.88496EPSS
In wildExploits4References6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40959

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Controller affected versions not specified Cisco Catalyst SD-WAN Manager affected versions not specified Cisco Catalyst SD-WAN Validator affected versions not specified Description A flaw in the peering authentication...

10CVSS7.5AI score0.88496EPSS
Exploits4References276
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

Cisco Catalyst SD-WAN Manager 输入验证错误漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is an input validation vulnerability in Cisco Catalyst SD-WAN Manager, which stems...

8.6CVSS6AI score0.00696EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-40962

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager, previously known as SD-WAN vManage, allows an unauthenticated remote attacker to read arbitrary files from the...

8.6CVSS5.9AI score0.00696EPSS
Exploits0References12
EUVD
EUVD
added 2026/05/13 9:32 p.m.8 views

EUVD-2026-30095

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00107EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 8:16 p.m.26 views

CVE-2026-0243

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 7:16 p.m.8 views

CVE-2026-0244

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:10 p.m.10 views

CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS5.8AI score0.00161EPSS
Exploits0References1
Rows per page
Query Builder