James Spadaro

**Name of the Vulnerable Software and Affected Versions** Cisco Routed PON Controller Software (affected versions not specified) **Description** The issue exists due to insufficient validation of arguments passed to specific configuration commands, allowing an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the PON Controller container and execute arbitrary commands as root. An attacker could exploit these vulnerabilities by including crafted input as the argument of an affected configuration command. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN Software (affected versions not specified) **Description** A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This issue is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) Cisco SD-WAN Software (affected versions not specified) **Description** A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This issue is due to insufficient input validation, which could be exploited by injecting arbitrary file path information when using commands in the CLI. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device. **Recommendations** For Cisco IOS XE SD-WAN Software, ensure proper input validation for CLI commands to prevent arbitrary file deletion. For Cisco SD-WAN Software, restrict access to the CLI to minimize the risk of exploitation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) **Description** A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) **Description** A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of the configuration database and gain root-level access to an affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) **Description** The issue is related to insufficient bounds checking when processing traffic, which could allow a remote attacker to cause a buffer overflow on an affected device. An attacker could exploit this by sending crafted traffic to the device, potentially allowing them to execute arbitrary commands with root-level privileges or cause the device to reload, resulting in a denial of service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) **Description** A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This issue is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN Software (affected versions not specified) **Description** A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN vManage Software (affected versions not specified) **Description** A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This issue exists due to insufficient control of access to sensitive information on an affected system. An attacker could exploit this vulnerability by gaining unauthorized access to sensitive information, potentially allowing them to create forged authentication requests and gain unauthorized access to the web UI of an affected system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN Software (affected versions not specified) **Description** A vulnerability in the vDaemon process could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This issue is due to insufficient handling of malformed packets. An attacker could exploit this by sending crafted traffic to an affected device, potentially causing the device to reload and resulting in a DoS condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN vEdge Software (affected versions not specified) **Description** The issue is related to a buffer overflow in memory when handling traffic, which could allow a remote attacker to cause a denial of service. Multiple vulnerabilities in the software could also enable an attacker to execute arbitrary code as the root user or cause a denial of service condition on an affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vEdge Software (affected versions not specified) Description: Multiple vulnerabilities in the software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN products (affected versions not specified) **Description** The issue is related to errors in processing IP traffic in Cisco SD-WAN products. An unauthenticated, remote attacker could exploit this to execute arbitrary code with root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN products (affected versions not specified) Description: The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an authenticated attacker to perform command injection attacks against an affected device. This could enable the attacker to take certain actions with root privileges on the device. The vulnerability is also associated with insufficient input validation in the command-line interface (CLI), which could allow an attacker to gain unauthorized access to protected information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN products (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against an affected device. One of the vulnerabilities is associated with the implementation of the NETCONF protocol and is due to insufficient input validation, which could allow a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.