CVE-2023-37424

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Aug 22, 2023
Updated: Aug 29, 2023

Summary

CVE-2023-37424 is a vulnerability affecting the web-based management interface of EdgeConnect SD-WAN Orchestrator. This issue enables unauthenticated remote attackers to execute arbitrary commands on the underlying host under specific conditions outside of their control. Successfully exploiting this vulnerability could grant attackers complete system compromise by executing commands on the operating system. However, it's important to note that the exploitation requires the attacker to meet certain preconditions. This vulnerability poses a significant risk to organizations using EdgeConnect SD-WAN Orchestrator and emphasizes the importance of timely patches and secure configuration management.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share