High severity8.1CISA KEVNVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2018-6961
CVE-2018-6961
Description
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.1.0
- Range: prior to version 3.1.0
Patches
Vulnerability mechanics
References
5- www.exploit-db.com/exploits/44959/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/104185nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041210nvdBroken LinkThird Party AdvisoryVDB Entry
- www.vmware.com/security/advisories/VMSA-2018-0011.htmlnvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.