CVE-2025-34026

nvd nist nuclei

Published: May 21, 2025Modified: Jan 23, 2026CISA KEV

9.2

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: disclosure@vulncheck.com (Secondary)

Description

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Affected (3)

Products: Versa Networks: Concerto

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Versa Networks Concerto	From 11.4.0 to 12.1.2
Versa Networks Concerto	Version 12.1.2
Versa Networks Concerto	Version 12.2.0

Related CWEs

Authentication Bypass Using an Alternate Path or Channel

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

References (4)

https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce

Source: disclosure@vulncheck.com

ExploitMitigationThird Party Advisory

https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitMitigationThird Party Advisory

https://security-portal.versa-networks.com/emailbulletins/6830f94328defa375486ff2e

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-34026

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.