Cisco SD-WAN command injection vulnerability could lead to code execution as root

Cisco has fixed a High risk Cisco IOS XE SD-WAN Software command injection vulnerability that could allow a hacker to execute code with root privileges. The tech giant also released security updates for Analog Telephone Adapter and Web Security Appliance vulnerabilities.

Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.

Citrix patches Critical vulnerability exploited in the wild (updated)

Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.