Authenticated Remote Code Execution in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface
CVE-2023-37427
7.2HIGH
What is CVE-2023-37427?
A security flaw in the web-based management interface of EdgeConnect SD-WAN Orchestrator allows authenticated remote attackers to execute arbitrary commands on the host system. This could potentially compromise the entire system by enabling full root access to the underlying operating system.
Affected Version(s)
EdgeConnect SD-WAN Orchestrator Orchestrator 9.3.x
EdgeConnect SD-WAN Orchestrator Orchestrator 9.3.x
EdgeConnect SD-WAN Orchestrator Orchestrator 9.2.x