VYPR

SD-WAN Software

by Cisco Systems, Inc.

CVEs (20)

  • CVE-2022-20775HigKEVSep 30, 2022
    risk 0.64cvss 7.8epss 0.12

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running…

  • CVE-2020-26071HigNov 18, 2024
    risk 0.55cvss 8.4epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input…

  • CVE-2026-20133MedKEVFeb 25, 2026
    risk 0.54cvss 6.5epss 0.10

    A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could…

  • CVE-2022-20818HigSep 30, 2022
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these…

  • CVE-2022-20716HigApr 15, 2022
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying…

  • CVE-2021-1528HigJun 4, 2021
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker…

  • CVE-2021-1514HigMay 6, 2021
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain…

  • CVE-2020-3600HigNov 6, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an…

  • CVE-2020-3595HigNov 6, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could…

  • CVE-2020-3594HigNov 6, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted…

  • CVE-2020-3593HigNov 6, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted…

  • CVE-2021-1513HigMay 6, 2021
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker…

  • CVE-2020-3444HigNov 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this…

  • CVE-2022-20930MedSep 30, 2022
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting…

  • CVE-2021-34726MedSep 23, 2021
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input…

  • CVE-2021-1512MedMay 6, 2021
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a…

  • CVE-2021-1546MedSep 23, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI…

  • CVE-2021-1614MedJul 22, 2021
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of…

  • CVE-2021-1461MedNov 18, 2024
    risk 0.32cvss 4.9epss 0.00

    A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper…

  • CVE-2021-1233MedJan 20, 2021
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. The vulnerability is due to insufficient input validation of requests that are sent to the iperf tool. An attacker could…

VYPR — Vulnerability Intelligence