CVE-2025-23172
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-19

Last updated on: 2025-06-23

Assigner: HackerOne

Description
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged to execute commands on behalf of the versa user, who has sudo privileges, potentially leading to privilege escalation or remote code execution. Exploitation Status: Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. Workarounds or Mitigation: There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-19
Last Modified
2025-06-23
Generated
2026-05-07
AI Q&A
2025-06-19
EPSS Evaluated
2026-05-05
NVD
CVE-2025-23172
EUVD
EUVD-2025-18671
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Versa Director SD-WAN orchestration platform's Webhook feature. Authenticated users can abuse the 'Add Webhook' and 'Test Webhook' functionalities to send crafted HTTP requests to the localhost. This can be exploited to execute commands as the versa user, who has sudo privileges, potentially leading to privilege escalation or remote code execution.


How can this vulnerability impact me? :

If exploited, this vulnerability can allow an authenticated user to escalate their privileges or execute arbitrary code remotely on the affected system. This could lead to unauthorized control over the system, data compromise, or disruption of services.


What immediate steps should I take to mitigate this vulnerability?

Versa Networks recommends upgrading the Versa Director SD-WAN orchestration platform to one of the remediated software versions, as there are no workarounds to disable the vulnerable GUI options.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart