CVE-2025-23171: 
Versa Director vulnerability analysis and mitigation

CVE-2025-23171 is a high-severity vulnerability (CVSS 7.2) affecting the Versa Director SD-WAN orchestration platform. The vulnerability was disclosed in June 2025 and involves an insecure file upload functionality in the platform's UCPE image upload feature. The flaw affects multiple versions of Versa Director, including versions 22.1.4 (pre-February 8, 2025), 22.1.3, 22.1.2, and 21.2.3 (pre-June 10, 2025) (Security Online, GBHackers).

The vulnerability stems from insufficient permission checks in the file upload functionality of Versa Director. While the user interface appears to block file uploads, the backend validation is inadequate, allowing uploads to succeed. The platform also discloses the full filename of uploaded temporary files, including the UUID prefix, which could aid attackers in targeting specific paths. The vulnerability has been assigned a CVSS v3.1 score of 7.2 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (NVD).

If exploited, this vulnerability allows an authenticated attacker to upload malicious files, including webshells, potentially leading to remote code execution on the affected system. The successful exploitation could result in complete compromise of the system's confidentiality, integrity, and availability (Security Online).

There are no effective workarounds to disable the vulnerable GUI options. Versa Networks recommends upgrading to remediated software versions: 22.1.4 (released February 8, 2025) or later, or versions 22.1.3, 22.1.2, and 21.2.3 released after June 10, 2025 (Security Online).

The vulnerability has garnered attention from major cybersecurity authorities, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urging organizations to apply patches and monitor for signs of compromise. The CISA Rapid Action Force has been credited with discovering and reporting the flaws (GBHackers).