CVE-2018-6961 - VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
Project:VMware
Product:SD-WAN Edge
Date Added:2022-03-25Due Date:2022-04-15
Vulnerability Name
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
Description
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-6961