Cisco SD-WAN vEdge Router vulnerabilities

12 known vulnerabilities affecting cisco/cisco_sd-wan_vedge_router.

Total CVEs: 12
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 6, MEDIUM 6

Vulnerabilities

CVE-2025-20339 | MEDIUM | CVSS 5.8 | v20.3.1, v20.3.2 +30 more | 2025-09-24
CWE-284: A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An attacker could exploit this vulnerability by attempti
Sources: cvelistv5, nvd
CVE-2020-26071 | HIGH | CVSS 8.4 | v18.4.303, v18.3.7 +36 more | 2024-11-18
CWE-22: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by includi
Sources: cvelistv5, nvd
CVE-2021-1461 | MEDIUM | CVSS 4.9 | v18.4.303, v18.3.7 +36 more | 2024-11-18
CWE-347: A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vul
Sources: cvelistv5, nvd
CVE-2022-20655 | HIGH | CVSS 8.8 | vN/A | 2024-11-15
CWE-78: A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of
Sources: cvelistv5, nvd
CVE-2024-20496 | MEDIUM | CVSS 6.1 | v18.4.303, v18.3.7 +79 more | 2024-09-25
CWE-787: A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An attacker in a machine-in-the-middle position could explo
Sources: cvelistv5, nvd
CVE-2022-20775 | HIGH | CVSS 7.8 | KEV | v18.4.303, v18.3.7 +80 more | 2022-09-30
CWE-25: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit cou
Sources: cvelistv5, nvd
CVE-2022-20717 | MEDIUM | CVSS 5.5 | vn/a | 2022-04-15
CWE-789: A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could
Sources: cvelistv5, nvd
CVE-2021-1510 | HIGH | CVSS 7.5 | vn/a | 2021-05-06
CWE-119: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd
CVE-2021-1509 | HIGH | CVSS 7.5 | vn/a | 2021-05-06
CWE-119: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd
CVE-2021-1511 | MEDIUM | CVSS 6.5 | vn/a | 2021-05-06
CWE-119: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd
CVE-2020-3369 | HIGH | CVSS 7.5 | vn/a | 2020-07-16
CWE-118: A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP packets through an
Sources: cvelistv5, nvd
CVE-2020-3385 | MEDIUM | CVSS 6.5 | vn/a | 2020-07-16
CWE-371: A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted packets th
Sources: cvelistv5, nvd