3983 matches found
PT-2026-40962
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager, previously known as SD-WAN vManage, allows an unauthenticated remote attacker to read arbitrary files from the...
EUVD-2026-30095
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
CVE-2026-0243
A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...
CVE-2026-0244
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
CVE-2026-0243
The CVE-2026-0243 entry concerns Palo Alto Networks Prisma SD-WAN ION devices. A denial-of-service condition arises when an unauthenticated attacker on an adjacent network sends a specially crafted IPv6 packet, causing a system disruption. The description identifies this as a high-severity issue ...
CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet
A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...
CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
CVE-2026-0244
The CVE-2026-0244 issue affects Palo Alto Networks’ Prisma SD-WAN ION and is due to improper certificate validation. This vulnerability enables a man-in-the-middle attacker to impersonate the controller, with high potential impact to confidentiality, integrity, and availability. Root cause is cer...
PT-2026-40768
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
Palo Alto Networks Prisma SD-WAN ION 安全漏洞
Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks. These devices integrate 4G or 5G cellular network access capabilities. There is a security vulnerability in Palo Alto Networks Prisma SD-WAN...
PT-2026-40779
A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...
CVE-2026-40408
CVE-2026-40408 is described as a use-after-free in Windows kernel-mode drivers that enables local privilege escalation for an authenticated attacker. The provided documents consistently state local elevation of privileges but do not specify the affected products, driver components, or vulnerable ...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-33357
In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...
CVE-2026-33357
In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...
CVE-2026-33357
CVE-2026-33357 affects Meari client applications that embed com.meari.sdk, including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label
Tenda AC6 命令注入漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.23 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function getlogfile in the httpd component’s file/goform, which processes the parameter wan.flag, potentially allowin...
Meari com.meari.sdk 安全漏洞
Meari com.meari.sdk is a development toolkit for IoT communication and device management software, developed by Meari Corporation in China. There is a security vulnerability in Meari com.meari.sdk, which stems from failed server-side authorization. This vulnerability could allow unauthorized...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...