CVE-2025-23173
📋 TL;DR
This vulnerability in the Versa Director SD-WAN orchestration platform stems from the websockify service being exposed on TCP port 6080 by default, which makes uCPE virtual machine consoles reachable from the internet. Attackers could leverage known websockify weaknesses to potentially execute remote code. Organizations running Versa Director with default configurations are affected.
💻 Affected Systems
- Versa Director SD-WAN orchestration platform
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete compromise of the Versa Director platform, lateral movement within the network, and potential data exfiltration.
Likely Case
Unauthorized access to uCPE virtual machine consoles, enabling attackers to manipulate network configurations, intercept traffic, or establish persistence.
If Mitigated
Limited to internal network access only, reducing exposure but still allowing authenticated internal users to potentially exploit the vulnerability.
🎯 Exploit Status
Proof of concept has been disclosed by third-party researchers. Websockify has known weaknesses that can be exploited without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 21.2.3, 22.1.2, 22.1.3, or 22.1.4
Vendor Advisory: https://security-portal.versa-networks.com/emailbulletins/68526ee0dc94d6b9f2faf71c
Restart Required: Yes
Instructions:
1. Back up the current configuration.
2. Download the appropriate patched version from the Versa support portal.
3. Upgrade Director to one of the remediated versions (21.2.3, 22.1.2, 22.1.3, or 22.1.4).
4. Restart the Director service.
5. Verify upgrade completion and functionality.
🔧 Temporary Workarounds
Network Access Restriction
Block external access to TCP port 6080 using firewall rules (on Linux, the iptables rule below must come before any broader ACCEPT rule in the INPUT chain, otherwise it has no effect):
iptables -A INPUT -p tcp --dport 6080 -j DROP
netsh advfirewall firewall add rule name="Block Versa Port 6080" dir=in action=block protocol=TCP localport=6080
🧯 If You Can't Patch
- Implement strict network segmentation to isolate Versa Director from internet and untrusted networks
- Deploy intrusion detection/prevention systems to monitor and block traffic on port 6080
🔍 How to Verify
Check if Vulnerable:
Check if port 6080 is listening and accessible: 'netstat -tulpn | grep 6080' or 'ss -tulpn | grep 6080' on Linux systems
Check Version:
Check Director web interface or CLI for version information specific to Versa Director platform
Verify Fix Applied:
Verify upgraded version matches patched releases and port 6080 is no longer externally accessible: 'curl -v http://<director-ip>:6080' should fail from external networks
📡 Detection & Monitoring
Log Indicators:
- Unusual connection attempts to port 6080
- Websockify service error logs indicating exploitation attempts
- Unauthorized access patterns to uCPE consoles
Network Indicators:
- External traffic to TCP port 6080
- Unusual websocket traffic patterns
- Traffic from unexpected sources to Director platform
SIEM Query:
(source_port=6080 OR dest_port=6080) AND (src_ip NOT IN internal_networks OR suspicious_user_agent)
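The SIEM query above can be prototyped offline before it is deployed. The following Python script is an added example, not part of the advisory or of any Versa tooling: it parses constructed key=value connection log lines (the format, the `internal_networks` definition as RFC 1918 ranges, and the list of suspicious user-agent substrings are all assumptions for illustration) and raises an alert for any connection involving port 6080 whose source is not internal, or whose source is internal but carries a suspicious user agent.

```python
"""
Added detection example (not part of the original advisory): flag connections
to the websockify port (TCP 6080) that do not originate from an internal
network, mirroring the SIEM query. The log format below is constructed for
illustration; adapt parse_line() to your firewall or flow-log schema.
"""
import ipaddress
import re
from dataclasses import dataclass

WEBSOCKIFY_PORT = 6080

# Assumed "internal_networks" definition for this example: the RFC 1918 ranges.
INTERNAL_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# User-agent substrings treated as "suspicious_user_agent" here (assumption).
SUSPICIOUS_UA = ("curl/", "python-requests", "masscan", "zgrab")

# Constructed sample log lines; a real Director/firewall log will differ.
SAMPLE_LOGS = """\
ts=2025-06-01T10:00:01Z src_ip=192.168.10.5 src_port=51234 dst_ip=192.168.10.20 dst_port=6080 ua="Mozilla/5.0"
ts=2025-06-01T10:00:02Z src_ip=203.0.113.7 src_port=40001 dst_ip=192.168.10.20 dst_port=6080 ua="python-requests/2.31"
ts=2025-06-01T10:00:03Z src_ip=198.51.100.9 src_port=40002 dst_ip=192.168.10.20 dst_port=443 ua="Mozilla/5.0"
ts=2025-06-01T10:00:04Z src_ip=10.1.2.3 src_port=40003 dst_ip=192.168.10.20 dst_port=6080 ua="curl/8.0"
ts=2025-06-01T10:00:05Z src_ip=bad-ip src_port=40004 dst_ip=192.168.10.20 dst_port=6080 ua="Mozilla/5.0"
"""

# key=value pairs; values may be double-quoted (user agents contain spaces).
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


@dataclass
class Alert:
    ts: str
    src_ip: str
    reason: str


def parse_line(line: str) -> dict:
    """Return the key=value fields of one log line, with quotes stripped."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def is_internal(ip_str: str) -> bool:
    """True only if the address parses and falls inside INTERNAL_NETWORKS."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False  # an unparsable source is never trusted as internal
    return any(ip in net for net in INTERNAL_NETWORKS)


def detect(log_text: str) -> list[Alert]:
    """Apply the SIEM logic: port 6080 on either side AND (external OR suspicious UA)."""
    alerts: list[Alert] = []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if not fields:
            continue
        if str(WEBSOCKIFY_PORT) not in {fields.get("src_port"), fields.get("dst_port")}:
            continue
        src = fields.get("src_ip", "")
        ua = fields.get("ua", "")
        if not is_internal(src):
            alerts.append(Alert(fields["ts"], src, "external source to websockify port"))
        elif any(marker in ua for marker in SUSPICIOUS_UA):
            alerts.append(Alert(fields["ts"], src, f"suspicious user agent: {ua}"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOGS):
        print(alert)
```

Run against the constructed sample, the script raises three alerts: the external 203.0.113.7 source, the internal 10.1.2.3 source with a `curl/` user agent, and the unparsable `bad-ip` source, which is deliberately not treated as internal. The line to port 443 and the ordinary internal browser session produce nothing.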
🔗 References
- https://security-portal.versa-networks.com/emailbulletins/68526ee0dc94d6b9f2faf71c
- https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3
- https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2
- https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3
- https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4