Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Briefly

Cybersecurity researchers have identified critical vulnerabilities in the Versa Concerto network security and SD-WAN orchestration platform that expose it to severe exploitation if left unaddressed. The issues include privilege escalation, a Docker container escape, and two authentication bypasses in the Traefik reverse proxy configuration, with CVSS scores as high as 10.0. These flaws could enable malicious actors to gain control of systems, execute arbitrary code, and access sensitive internal logs. The vulnerabilities were disclosed publicly after they remained unpatched following responsible disclosure.
These vulnerabilities, when chained together, could allow an attacker to fully compromise both the application and the underlying host system.
CVE-2025-34025... could be exploited to gain code execution on the underlying host machine.
Successful exploitation of CVE-2025-34027 could allow an attacker to leverage a race condition and write malicious files.
The identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release.
Read at The Hacker News