Perimeter/routers/firewalls exploited
Key Questions
What is the severity of the Cisco SD-WAN vulnerability CVE-2026-20182?
CVE-2026-20182 in Cisco Catalyst SD-WAN is rated CVSS 10 and allows exploitation through device-type handling in control connections. It is a separate weakness from prior issues and requires urgent patching.
Which NGINX vulnerabilities are being actively exploited?
Critical NGINX flaws including an 18-year-old RCE known as Fragnesia have been exploited, impacting around 5.7 million instances. These expose sensitive data and join other recent vulnerabilities in the Dirty Frag family.
What Palo Alto PAN-OS issues are under active exploitation?
PAN-OS buffer overflow vulnerabilities such as CVE-2026-0300 and CVE-2026-0265 allow unauthenticated network attacks. Active exploitation has been observed with no authentication required.
How severe is the Cisco Secure Workload flaw?
The Cisco Secure Workload vulnerability is rated CVSS 10 and can be exploited remotely without authentication to execute arbitrary code or gain site admin privileges. Patches have been released to address the maximum-severity defect.
What does the SonicWall MFA bypass vulnerability allow?
CVE-2024-12802 enables threat actors to bypass MFA on SonicWall Gen6 SSL-VPN appliances. Attackers have exploited this to gain unauthorized access.
What risks does the new Chromium zero-day pose?
A Fetch UI zero-day in Chromium has a public PoC that increases browser risks for Chrome and Edge users. Google has published exploit code for the unfixed vulnerability.
Are there vulnerabilities affecting Ubiquiti UniFi devices?
Five vulnerabilities impact Ubiquiti UniFi, with three rated at maximum severity. Users should apply patches and conduct threat hunts urgently.
Why is immediate action recommended for these perimeter exploits?
Multiple high-severity issues in routers, firewalls, and related infrastructure are actively exploited or have public PoCs. Patching and threat hunting are critical to reduce exposure.
Cisco SD-WAN CVE-2026-20182 (CVSS 10); NGINX + Fragnesia RCE exploited (~5.7M instances); Palo Alto PAN-OS; Cisco Secure Workload (CVSS 10); SonicWall MFA bypass; Ubiquiti UniFi, 5 vulnerabilities (3 maximum severity); new D-Link cameras and RT LDAP bypasses. Patching and threat hunts are urgent.