CNNVD-202509-3827 Information

CNNVD ID

CNNVD-202509-3827

Related CVE

CVE-2025-20339

• CNNVD Published: 2025-09-24

Description (Chinese)

Cisco SD-WAN vEdge是美国思科（Cisco）公司的一款路由器。 Cisco SD-WAN vEdge存在访问控制错误漏洞，该漏洞源于IPv4数据包访问控制列表处理不当，可能导致远程攻击者绕过配置的ACL。

Description (English)

Cisco SD-WAN vEdge is a router for Cisco Corporation. Cisco SD-WAN vEdge has a bug in access control, which stems from the inappropriate handling of the IPv4 package access control list, which may result in remote assailants bypassing the configured ACL.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

Citadel

Published

2025-09-24

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-defaultacl-pSJk9nVF https://access.redhat.com/security/cve/cve-2025-20339

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-defaultacl-pSJk9nVF