Versa Director vulnerabilities
12 known vulnerabilities affecting versa/director.
Total CVEs: 12
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 3, HIGH 5, MEDIUM 4
Vulnerabilities
CVE-2024-39717 | HIGH | CWE-434 | P2 | CVSS 7.2 | CISA KEV | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3 before 2024-06-21, < 21.2.3 before 2024-06-21 (+3 more) | Published: 2024-08-22
The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged in with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The "Change Favicon" (Favorite Icon) option can be mis-used to upload a malicious file end
Source: NVD
CVE-2024-42450 | CRITICAL | CWE-798 | P2 | CVSS 10.0 | Affected: ≥ 22.1.4, ≤ 22.1.4 | Published: 2024-11-19
The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for the High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres to listen on all network interfaces. This combinati
Source: NVD
CVE-2024-45208 | CRITICAL | CWE-284 | P2 | CVSS 9.8 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform makes use of the Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bind to these ports on all interfaces. An attacker that can access the
Source: NVD
CVE-2025-24288 | CRITICAL | CWE-1188 | P2 | CVSS 9.8 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director software exposes a number of services by default and allows attackers an easy foothold due to default credentials and multiple accounts (most with sudo access) that utilize the same default credentials. By default, Versa Director exposes ssh and postgres to the internet, alongside a host of other services.
Versa Networks is not
Source: NVD
CVE-2025-23168 | HIGH | CWE-290 | P3 | CVSS 8.8 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Passcodes (OTP) delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the OTP delivery (SMS/email) to their own device. OTP/TOT
Source: NVD
CVE-2025-23173 | HIGH | CWE-200 | P3 | CVSS 7.5 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual machines through the Director GUI. By default, the websockify service is exposed on port 6080 and accessible from the internet. This exposure introduces significant risk, as websockify has known weaknesses that can be exploited, potentially leading to rem
Source: NVD
CVE-2025-23172 | HIGH | CWE-918 | P3 | CVSS 7.2 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged to execute commands on behalf of the versa user, who has
Source: NVD
CVE-2025-23171 | HIGH | CWE-434 | P3 | CVSS 7.2 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform provides an option to upload various types of files. The Versa Director does not correctly limit file upload permissions. The UI appears not to allow file uploads, but uploads still succeed. In addition, the Versa Director discloses the full filename of uploaded temporary files, including the UUID prefix
Source: NVD
CVE-2024-45229 | MEDIUM | CWE-306 | P3 | CVSS 6.6 | Affected: ≥ 22.1.4 20240909, < 22.1.4 20240909; ≥ 22.1.3 20240909, < 22.1.3 20240909 (+4 more) | Published: 2024-09-20
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs, such as the login screen, banner display, and device registration, do not require authentication. However, it was discovered that for Directors directly connected to the Internet, one of these APIs can be exploited by injecting invalid arguments into a GET
Source: NVD
CVE-2025-23170 | MEDIUM | CWE-77 | P3 | CVSS 6.7 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execute arbitrary commands on the system.
Exploitation Statu
Source: NVD
CVE-2025-24291 | MEDIUM | CWE-74 | P3 | CVSS 6.1 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation, allowing the upload of arbitrary file types. This flaw can
Source: NVD
CVE-2025-23169 | MEDIUM | CWE-79 | P4 | CVSS 6.1 | Affected: ≥ 21.2.2, ≤ 21.2.2; ≥ 21.2.3, ≤ 21.2.3 (+4 more) | Published: 2025-06-19
The Versa Director SD-WAN orchestration platform allows customization of the user interface, including the header, footer, and logo. However, the input provided for these customizations is not properly validated or sanitized, allowing a malicious user to inject and store cross-site scripting (XSS) payloads.
Exploitation Status:
Versa Networks is no
Source: NVD