CVE-2026-20245 Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems...

Ecessa WANWorx WVR-30 跨站请求伪造漏洞

The Ecessa WANWorx WVR-30 is a software-defined WAN appliance from Ecessa Corporation, USA. A cross-site request forgery vulnerability exists in the Ecessa WANWorx WVR-30 versions prior to 10.7.4, which stems from susceptibility to a cross-site request forgery attack that could lead to the...

CVE-2025-11192 Fabric Engine (VOSS) AutoSense Authentication Bypass

A vulnerability in Extreme Networks’ Fabric Engine VOSS before 9.3 was discovered. When SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validating ISIS authentication settings. The SD-WAN AutoSense implementation may be exploited by malicious acto...

Hewlett Packard Enterprise EdgeConnect SD-WAN 安全漏洞

Hewlett Packard Enterprise EdgeConnect SD-WAN is Hewlett Packard Enterprise's secure network foundation for Zero Trust and SASE. It includes best-in-class SD-WAN and next-generation firewalls that deliver unrivaled quality of experience and advanced security. A security vulnerability exists in...

Cisco Catalyst SD-WAN Manager 安全漏洞

Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. A security vulnerability exists in Cisco Catalyst SD-WAN Manager that stems from the...

CVE-2023-37426

EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host...

Aruba Networks EdgeConnect SD-WAN Orchestrator SQL注入漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in the Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from an SQL injection vulnerability in the web-based management interface...

Aruba Networks EdgeConnect SD-WAN Orchestrator 跨站脚本漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in the Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from a stored cross-site scripting vulnerability in the web-based management interface...

Cisco SD-WAN vManage Software 跨站请求伪造漏洞

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A security vulnerability exists in Cisco SD-WAN vManage Software due to insufficient CSRF protection in the web-based management interface on affected systems...

PT-2022-6177 · Cisco · Cisco Sd-Wan +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE SD-WAN Software affected versions not specified Cisco SD-WAN Software affected versions not specified Description: A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an...

PT-2021-5069 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software affected versions not specified Description: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This issue is due to improper protections on...

CVE-2021-22919

A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk...

The vulnerability in the web interface of the programmatically defined Cisco SD-WAN messaging service allows a perpetrator to bypass authentication and alter the configuration of the target system.

The vulnerability of the Cisco SD-WAN program-defined messaging web interface is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass authentication and alter the configuration of the target system by sending specially crafted HTTP requests...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability in the vManage web interface of the Cisco SD-WAN software-defined network is related to errors in processing HTTP headers. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2021-1514

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An...

The vulnerability of the CLI component in Cisco IOS XE routers for Cisco IOS XE SD-WAN allows a attacker to gain access to the basic operating system with superuser privileges.

The vulnerability of Cisco IOS XE operating system routers in Cisco IOS XE SD-WAN devices exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain access to the basic operating system with superuser privileges...

Cisco IOS XE SD-WAN Software 安全漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An arbitrary file overwrite vulnerability exists in the CLI for SD-WAN for Cisco IOS XE. The vulnerability stems from insufficient validation of parameters for specific CLI...

Cisco IOS XE 缓冲区错误漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A buffer overflow vulnerability exists in the vDaemon process for SD-WAN on Cisco IOS XE. The vulnerability stems from insufficient boundary checking when the device processes...

The vulnerability of the command-line interface (CLI) of the vManage web interface for programmatically defined Cisco SD-WAN networks allows a attacker to compromise the integrity of protected information.

The vulnerability of the command-line interface CLI of the vManage web interface for the Cisco SD-WAN network is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...