CVE-2025-34026

HIGH KEV NUCLEI

Versa Concerto <12.2.0 - Auth Bypass

Title source: llm

Description

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Nuclei Templates (1)

Versa Concerto Actuator Endpoint - Authentication Bypass
CRITICAL VERIFIED by iamnoooob, rootxharsh, parthmalhotra, pdresearch
Shodan: http.favicon.hash:-534530225

Scores

CVSS v3 7.5
EPSS 0.7158
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2026-01-22
VulnCheck KEV 2025-06-07
ENISA EUVD EUVD-2025-16087
CWE CWE-288
Status published
Products (3)
versa-networks/concerto 12.1.2
versa-networks/concerto 12.2.0
versa-networks/concerto 11.4.0 - 12.1.2
Published May 21, 2025
KEV Added Jan 22, 2026
Tracked Since Feb 18, 2026