Article Details

Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE. Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems. Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed. Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions. It is used by large enterprises managing complex WAN environments, telecom operators providing managed SD-WAN/SASE services to customers, government agencies that need secure, policy-driven network segmentation, and managed security service providers that handle multi-tenant deployments. ProjectDiscovery researched the product and discovered the following flaws: The researchers created a video to demonstrate how CVE-2025-34027 could be exploited in attacks: ProjectDiscovery reported the vulnerabilities to the vendor on February 13, with a 90-day disclosure period. Versa Networks acknowledge the findings and requested additional details. On March 28, Versa Networks indicated that hotfixes would become available for all affected releases on April 7th. Following that date, though, Versa no longer responded to the researchers' follow-up communication about the patches. With the 90-day disclosure period expiring on May 13th, ProjectDiscovery decided to publish the full details yesterday to alert Versa Concerto users of the danger. In lack of an official fix, organizations relying on Versa Concerto are recommended to implement temporary mitigations. One suggestion from the researchers is to block semicolons in URLs via reverse proxy or WAF, and to drop requests with 'Connection: X-Real-Ip' to block actuator access abuse. BleepingComputer has contacted Versa Networks for a comment on the status of the fixes for the vulnerabilities that ProjectDiscovery disclosed but did not receive and we will update this post once we receive a reply. Top 10 MITRE ATT&CK© Techniques Behind 93% of Attacks Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.