HPE Aruba Networking EdgeConnect SD-WAN Gateways 安全漏洞

HPE Aruba Networking EdgeConnect SD-WAN Gateways is an edge gateway appliance from HPE America. A security vulnerability exists in HPE Aruba Networking EdgeConnect SD-WAN Gateways, which stems from flaws in the encryption logic that could lead to the execution of arbitrary commands by an...

CVE-2025-20187

A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could...

CVE-2025-20155

A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...

Cisco Releases Security Update for SD-WAN vManage API

Cisco has released a security update to address a critical vulnerability affecting SD-WAN vManage APIlink is external. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco security release Cisco SD-WAN...

The vulnerability of the emergency recovery function of the Cisco SD-WAN vManage centralized system allows a intruder to gain unauthorized access to the device.

The vulnerability of the emergency recovery function of the Cisco SD-WAN vManage centralized system management platform is related to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the...

PT-2021-13518 · Cisco · Cisco Sd-Wan Vedge

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vEdge Software affected versions not specified Description: The issue allows an attacker to execute arbitrary code as the root user or cause a denial of service DoS condition on an affected device. Recommendations: At the moment,...

Cisco SD-WAN vManage 安全漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A security vulnerability exists in Cisco SD-WAN vManage that can be exploited by an unauthenticated, remote attacker to view sensitive...

CVE-2021-1479

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details secti...

Cisco SD-WAN vManage Software 输入验证错误漏洞

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. Cisco SD-WAN vManage Software suffers from an input validation error vulnerability that stems from insufficient validation of HTTP requests. An attacker could exploit the...

The vulnerability of the SSH web interface of the vManage program-defined network in Cisco SD-WAN allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SSH web interface of the vManage program-defined network in Cisco SD-WAN exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

PT-2021-1897 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN products affected versions not specified Description: The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against an affected device. O...

The vulnerability of the Snort intrusion detection system, which includes Cisco Firepower Threat Defense (FTD) for microprogramming network firewalls, Cisco SD-WAN for programmatically defined networks, Cisco IOS XE for network operating systems, and Cisco Meraki for networking devices, allows attackers to bypass security measures and execute malicious activities.

The vulnerability of the Snort intrusion detection system, the microprogramming software for Cisco Firepower Threat Defense FTD, the program-defined network Cisco SD-WAN, the Cisco IOS XE network operating system, and the microprogramming software for Cisco Meraki devices is related to a flaw in...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious actor to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to errors in restricting XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and to modify, add, or delete data...

Cisco SD-WAN Solution Resource Management Error Vulnerability

Cisco SD-WAN Solution is a set of network extension solutions from Cisco. A resource management error vulnerability exists in Cisco SD-WAN Solution versions prior to 17.2.7 and prior to 18.3.0. A remote attacker could exploit this vulnerability to cause a denial of service with the help of a...

Cisco SD-WAN Solution Command Injection Vulnerability (CNVD-2020-19236)

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. the CLI is a command line interface. A command injection vulnerability exists in the CLI in versions prior to Cisco SD-WAN Solution Release 19.2.2, which stems from the program failing to adequately perform input...

Cisco SD-WAN Solution SQL Injection Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An SQL injection vulnerability exists in the web interface of Cisco SD-WAN Solution vManage. The vulnerability stems from insufficient validation of user-supplied input. A remote...

The vulnerability of the command-line interface of the programmatically defined Cisco SD-WAN network, related to authentication errors, allows a malicious actor to elevate their privileges to the root level.

The vulnerability of the command-line interface of the programmatically defined Cisco SD-WAN network is related to authentication errors. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

A New Paradigm For Cyber Threat Hunting

It's no secret that expecting security controls to block every infection vector is unrealistic. For most organizations, the chances are very high that threats have already penetrated their defenses and are lurking in their network. Pinpointing such threats quickly is essential, but traditional...