The vulnerabilities require no authentication whatsoever to exploit. In the best case scenario, an attacker can use these vulnerabilities to intercept or steer traffic. In each post well disclose another vulnerability in a major SD-WAN vendor. The vulnerabilities were disclosed to the respective vendors and resolved by the time of publication. Silver Peak was recently acquired by HPE and is a leader in the Magic Quadrant for WAN Edge Infrastructure. In part of a four-part series, Realmode Labs disclose vulnerabilities in the Silver-Peak Unity Orchestrator.”]
Source: https://medium.com/realmodelabs/silver-peak-unity-orchestrator-rce-2928d65ef749