Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Cisco Catalyst SD-WAN

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2022-20655
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 60.75%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:56
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco SD-WAN vEdge RouterCisco Ultra Gateway PlatformCisco IOS XE Catalyst SD-WANCisco Network Services OrchestratorCisco Carrier Packet TransportCisco Enterprise NFV Infrastructure SoftwareCisco Catalyst SD-WAN ManagerCisco IOS XR SoftwareCisco Virtual Topology System (VTS)Cisco Catalyst SD-WANvirtual_topology_systemnetwork_services_orchestratorsd-wan_vedge_routerenterprise_nfv_infrastructure_softwareios_xe_catalyst_sd-wanios_xr_softwarecarrier_packet_transportcatalyst_sd-wan_manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-20775
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.74%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-02 Mar, 2026 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-02-27||Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_1000-xcatalyst_8540csrsd-wan_vsmart_controllerasr_1001-hx_r4351_integrated_services_routerasr_1009-x1131_integrated_services_router1100-4p_integrated_services_routercatalyst_85001109_integrated_services_routersd-wan4321\/k9-rf_integrated_services_router8102-64h1100-4g_integrated_services_router4351\/k9_integrated_services_routercatalyst_8300catalyst_8510msr1109-2p_integrated_services_router88041101_integrated_services_routercatalyst_8300-2n2s-4t2xasr_10014321\/k9_integrated_services_router4321_integrated_services_router4321\/k9-ws_integrated_services_routercatalyst_8300-1n1s-4t2x1120_integrated_services_routerasr_1004asr_1006catalyst_8300-1n1s-6t4461_integrated_services_router8101-32fh4451-x_integrated_services_routersd-wan_vedge_cloud4331_integrated_services_router880882024351\/k9-ws_integrated_services_routerasr_1001-hxasr_1002-xasr_1013catalyst_cg418-e8818catalyst_8200catalyst_8500lasr_1023asr_1002-hx1100-8p_integrated_services_router4331\/k9-ws_integrated_services_routercatalyst_cg522-e8201-32fh88124351\/k9-rf_integrated_services_routerasr_1002-x_rcatalyst_sd-wan_manager4431_integrated_services_router88311100_integrated_services_routercatalyst_8500-4qccatalyst_8510csrasr_1000catalyst_8000v_edgeasr_1002-hx_rsd-wan_vbond_orchestrator82011109-4p_integrated_services_routerasr_1001-x_r8101-32hasr_1006-x4451_integrated_services_router1111x_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routercatalyst_8540msrasr_1001-x1100-6g_integrated_services_routercatalyst_8300-2n2s-6t4331\/k9-rf_integrated_services_router4000_integrated_services_router111x_integrated_services_router1101-4p_integrated_services_router4331\/k9_integrated_services_router1160_integrated_services_routerasr_1002Cisco Catalyst SD-WANCisco SD-WAN vEdge RouterCisco Catalyst SD-WAN ManagerCisco SD-WAN vEdge CloudCisco SD-WAN vContainerSD-WAN
CWE ID-CWE-25
Path Traversal: '/../filedir'
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')