CVE-2025-34026

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-34026
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce Exploit Mitigation Third Party Advisory
https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce Exploit Mitigation Third Party Advisory
https://security-portal.versa-networks.com/emailbulletins/6830f94328defa375486ff2e Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-34026 US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:versa-networks:concerto:*:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:concerto:12.1.2:-:*:*:*:*:*:*
cpe:2.3:a:versa-networks:concerto:12.2.0:*:*:*:*:*:*:*
History

23 Jan 2026, 18:39

Type Values Removed Values Added
CPE cpe:2.3:a:versa-networks:concerto:*:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:concerto:12.1.2:-:*:*:*:*:*:*
cpe:2.3:a:versa-networks:concerto:12.2.0:*:*:*:*:*:*:*
First Time Versa-networks
Versa-networks concerto
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
References () https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce - () https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce - Exploit, Mitigation, Third Party Advisory
References () https://security-portal.versa-networks.com/emailbulletins/6830f94328defa375486ff2e - () https://security-portal.versa-networks.com/emailbulletins/6830f94328defa375486ff2e - Vendor Advisory
References () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-34026 - () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-34026 - US Government Resource

23 Jan 2026, 15:16

Type Values Removed Values Added
References
  • () https://security-portal.versa-networks.com/emailbulletins/6830f94328defa375486ff2e -

22 Jan 2026, 19:15

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-34026 -

23 Sep 2025, 16:15

Type Values Removed Values Added
CWE CWE-287 CWE-288

22 May 2025, 16:15

Type Values Removed Values Added
Summary
  • (es) La plataforma de orquestación SD-WAN Versa Concerto es vulnerable a una omisión de autenticación en la configuración del proxy inverso Traefik, lo que permite a un atacante acceder a los endpoints administrativos. El endpoint interno del Actuador puede utilizarse para acceder a volcados de pila y registros de seguimiento. Se sabe que este problema afecta a Concerto desde la versión 12.1.2 hasta la 12.2.0. Otras versiones podrían ser vulnerables.
References () https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce - () https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce -

21 May 2025, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-21 22:15

Updated : 2026-01-23 18:39

NVD link : CVE-2025-34026

Mitre link : CVE-2025-34026

CVE.ORG link : CVE-2025-34026

JSON object : View

Products Affected

versa-networks

  • concerto
CWE
CWE-288

Authentication Bypass Using an Alternate Path or Channel