COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-34026

CVE-2025-34026

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-01-22
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-34026
⌖ exploited in the wild shame 50/100 exploited-in-wild

Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace l

Players implicated

Versa · vendorConcerto · product

Description

Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.