CVE-2025-23173
BaseFortify
Publication date: 2025-06-19
Last updated on: 2025-06-23
Assigner: HackerOne
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Versa Director SD-WAN orchestration platform, where the websockify service is exposed by default on port 6080 and accessible from the internet. Websockify has known weaknesses that can be exploited, potentially allowing an attacker to execute remote code on the system.
How can this vulnerability impact me?
If exploited, this vulnerability can lead to remote code execution on the affected system, which means an attacker could run malicious code remotely without authorization. This could compromise the integrity of the system and potentially disrupt operations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking whether the websockify service is listening on TCP port 6080 and is reachable from the internet. For example, run `netstat -tuln | grep 6080` on the system to see if the port is open locally, or run `nmap -p 6080 <target-ip>` from an external system to check whether the port is reachable remotely.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to TCP port 6080 if uCPE console access is not necessary. Additionally, Versa recommends upgrading the Director software to one of the remediated versions to address the vulnerability.