Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sd-wan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full contr...
1 Article
NA
CVE-2024-22247
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicio...
NA
CVE-2024-22248
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
NA
CVE-2024-2049
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and prior to 11.4.4.46 allows an malicious user to disclose limited information from the appliance via Access to management IP.
NA
CVE-2023-51384
In ssh-agent in OpenSSH prior to 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multi...
Openbsd Openssh
Debian Debian Linux 11.0
Debian Debian Linux 12.0
1 Github repository
NA
CVE-2023-51385
In ssh in OpenSSH prior to 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters ...
Openbsd Openssh
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
15 Github repositories
NA
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection e...
Cisco Firepower Threat Defense
Cisco Cyber Vision
Cisco Unified Threat Defense
Cisco Meraki Mx Security Appliance Firmware -
NA
CVE-2023-20246
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access cont...
Snort Snort
Cisco Ios Xe
Cisco Firepower Threat Defense
NA
CVE-2023-20261
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote malicious user to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could ex...
Cisco Catalyst Sd-wan Manager 20.6.3.3
Cisco Catalyst Sd-wan Manager 17.2.6
Cisco Catalyst Sd-wan Manager 17.2.7
Cisco Catalyst Sd-wan Manager 17.2.5
Cisco Catalyst Sd-wan Manager 18.3.1.1
Cisco Catalyst Sd-wan Manager 18.3.3.1
Cisco Catalyst Sd-wan Manager 18.3.3
Cisco Catalyst Sd-wan Manager 18.3.1
Cisco Catalyst Sd-wan Manager 18.3.0
Cisco Catalyst Sd-wan Manager 18.4.0.1
Cisco Catalyst Sd-wan Manager 18.4.3
Cisco Catalyst Sd-wan Manager 18.4.0
Cisco Catalyst Sd-wan Manager 18.4.1
Cisco Catalyst Sd-wan Manager 19.2.0
Cisco Catalyst Sd-wan Manager 19.2.097
Cisco Catalyst Sd-wan Manager 19.2.31
Cisco Catalyst Sd-wan Manager 19.2.929
Cisco Catalyst Sd-wan Manager 20.1.1.1
Cisco Catalyst Sd-wan Manager 20.1.12
Cisco Catalyst Sd-wan Manager 20.3.1
Cisco Catalyst Sd-wan Manager 20.6.1
Cisco Catalyst Sd-wan Manager 17.2.8
NA
CVE-2023-20179
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote malicious user to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fie...
Cisco Sd-wan Vmanage
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »