CVEs (7)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. |
1Silver Peak 1Unity Edgeconnect Sd Wan Firmware Nov 21, 2024 Sep 8, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. |