CVE-2025-34026

Versa Concerto Actuator Authentication Bypass Information Leak

CVSS 9.2 CRITICAL · EPSS 83.4% · KEV · CWE-288
In short

Versa Concerto SD-WAN has a security flaw that allows attackers to bypass login protections and access sensitive administrative areas without proper credentials. Attackers can then view detailed system information like memory dumps and trace logs that could reveal confidential data.

Technical detail

An authentication bypass vulnerability in the Traefik reverse proxy configuration of Versa Concerto allows unauthenticated attackers to access internal Actuator endpoints. By exploiting this flaw, an attacker can retrieve heap dumps and trace logs, potentially exposing sensitive operational and credential information. Affected versions range from 12.1.2 through 12.2.0.

Summary generated and translated by AI from the official description.
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:L/SA:N
Affected products
Versa · Concerto
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
