Citrix addresses Critical DoS vulnerability in ADC and Citrix Gateway products
Citrix has addressed a Critical unauthenticated denial of service (DoS) vulnerability CVE-2021-22955 in ADC and Citrix Gateway products.
SD-WAN
Cisco SD-WAN command injection vulnerability could lead to code execution as root
Cisco has fixed a High risk Cisco IOS XE SD-WAN Software command injection vulnerability that could allow a hacker to execute code with root privileges. The tech giant also released security updates for Analog Telephone Adapter and Web Security Appliance vulnerabilities.
Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products
Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.
Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products
Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.
VMware patches 6 VMware SD-WAN Orchestrator vulnerabilities
VMware has patched six vulnerabilities that affect VMware SD-WAN Orchestrator. An attacker could exploit this vulnerability and take control of an unpatched system.
Cisco patches Critical vulnerabilities in VPN and Router products
Cisco has patched Critical vulnerabilities in VPN Firewall and Router products, as well as High risk bugs in SD-WAN products.
VMware patches VeloCloud SQL-injection vulnerability (CVE-2020-3973)
VMware has released a patch for a high severity SQL-injection vulnerability CVE-2020-3973 in VMware SD-WAN by VeloCloud (VeloCloud).
Cisco patches IOS XE SD-WAN software command injection vulnerability
Cisco has released a High severity security update that fixes an IOS XE SD-WAN software command injection vulnerability CVE-2019-16011.
Citrix patches Critical vulnerability exploited in the wild (updated)
Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.
Critical Citrix SD-WAN vulnerabilities
Security researchers have discovered critical vulnerabilities in Citrix SD-WAN appliance. Hackers could remotely exploit the vulnerabilities without authentication and gain root access.