Vulnerabilities > Silver Peak > Unity Edgeconnect SD WAN Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-08 | CVE-2019-16105 | Path Traversal vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. | 4.0 |
2019-09-08 | CVE-2019-16104 | Cross-site Scripting vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. | 4.3 |
2019-09-08 | CVE-2019-16103 | Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. | 9.0 |
2019-09-08 | CVE-2019-16102 | Insecure Default Initialization of Resource vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. | 7.5 |
2019-09-08 | CVE-2019-16101 | Information Exposure vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. | 5.0 |
2019-09-08 | CVE-2019-16100 | Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. | 5.0 |
2019-09-08 | CVE-2019-16099 | Cross-Site Request Forgery (CSRF) vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. | 6.8 |