The vulnerability of the command-line interface of microprogramming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage arises from incorrect path name restrictions related to restricted access directories. This vulnerability allows attackers to create or re-record critical files.

The vulnerability of the command-line interface of microprogramming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage is related to an...

PT-2022-6016 · Cisco · Cisco Sd-Wan Vsmart Controller +5

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software versions affected versions not specified Cisco SD-WAN vBond Orchestrator versions affected versions not specified Cisco SD-WAN vEdge Cloud Routers versions affected versions not specified Cisco SD-WAN vEdge Routers...

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks SD-WAN solutions for business users. Cisco issued patches addressing eight buffer-overflow and command-injection SD-WAN vulnerabilities. The most serious of these flaws could be...

The vulnerability of the Deep Packet Inspection (DPI) implementation in the SD-WAN vEdge 5000 Series and SD-WAN vEdge Cloud software allows a attacker to trigger a service failure.

The vulnerability of the Deep Packet Inspection DPI implementation in SD-WAN vEdge 5000 Series and SD-WAN vEdge Cloud software lies in state management errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

Cisco SD-WAN vEdge 5000 Series Routers and SD-WAN vEdge Cloud Routers Denial of Service Vulnerability

Cisco SD-WAN vEdge 5000 Series Routers are Cisco's SD-WAN solution routing devices. A denial-of-service vulnerability exists in the deep packet inspection DPI engine in Cisco SD-WAN vEdge 5000 Series Routers and SD-WAN vEdge Cloud Routers, which stems from the program's failure to adequately hand...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

CVE-2018-0350

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

CVE-2018-0351

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...