VYPR

Concerto

by Versa Networks

CVEs (2)

  • CVE-2025-34026HigKEVMay 21, 2025
    risk 0.67cvss 7.5epss 0.83

    The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace…

  • CVE-2025-34025HigMay 21, 2025
    risk 0.56cvss epss 0.00

    The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code…