CVE-2018-6961

CVE Database · CVE-2018-6961

CVE-2018-6961

· HIGHAnalyzed

CVSS v3.1

8.1

EPSS

86.43%

Published

Jun 11, 2018

Modified

Oct 30, 2025

CISA Known Exploited Vulnerability

Added: 2022-03-25 · Due: 2022-04-15

Apply updates per vendor instructions.

Public PoC / Exploit (5)

All weaponized →

Exploit-DBVMware NSX SD-WAN Edge < 3.1.2 - Command Injection NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCr3dxpl0it/CVE-2018-6961★5 GitHub PoCbokanrb/CVE-2018-6961★1

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-78CWE-78

Affected Products (1)

vmware · nsx_sd-wan_by_velocloud (up to 3.1.0)vulnerable

References (9)

http://www.securityfocus.com/bid/104185

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041210

Broken LinkThird Party AdvisoryVDB Entry

http://www.vmware.com/security/advisories/VMSA-2018-0011.html

Vendor Advisory

https://www.exploit-db.com/exploits/44959/

ExploitThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/104185

Broken LinkThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs