CVE-2024-22246
Severity CVSS v4.0:
Pending analysis
Type:
CWE-77
Command Injection
Publication date:
02/04/2024
Last modified:
03/07/2024
Description
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution.<br />
<br />
A malicious actor with local access to the Edge Router UI during <br />
activation may be able to perform a command injection attack that could <br />
lead to full control of the router. <br />
<br />
Impact
Base Score 3.x
7.40
Severity 3.x
HIGH