What is CVE-2025-23171?

CVE-2025-23171 is a high-severity vulnerability in Versa Director. CVSS score: 7.2/10. Published 2025-06-18.

How severe is CVE-2025-23171?

High severity. CVSS v3 base score is 7.2 out of 10.

Vulnerability in Versa Director

CVE-2025-23171

The Versa Director SD-WAN orchestration platform provides an option to upload various types of files. The Versa Director does not correctly limit file upload permissions. The UI appears not to allow file uploads but uploads still succeed…

EPSS: 0.004 (62.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Versa Director — versions 21.2.2, 21.2.3, 22.1.1

References

security-portal.versa-networks.com/emailbulletins/68526dbbdc94d6b9f2faf71a
support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4
support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3
support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2
support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3

Frequently asked questions

What is CVE-2025-23171?: CVE-2025-23171 is a high-severity vulnerability in Versa Director. CVSS score: 7.2/10. Published 2025-06-18.
How severe is CVE-2025-23171?: High severity. CVSS v3 base score is 7.2 out of 10.