IOC Radar
TLP:WHITE11 IOCs

Cisco Catalyst SD-WAN Manager Zero-Day Exploited to Gain Root Access

CP
Cyber Press
Published June 25, 2026Original Report

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTURE126.51.108.15245.32.38.160209.137.225.101CAPABILITYunknownVICTIMunknown
Adversary
Infrastructure(6)
Capability
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise11

TypeIndicatorConfidenceScoreFirst Seen
IP126.51.108.152
exploitintel-blognetwork
High
58
Jun 25, 26
IP45.32.38.160
indicatorintel-blognetwork
High
58
Jun 25, 26
IP209.137.225.101
indicatorintel-blognetwork
High
58
Jun 25, 26
IP153.186.231.233
indicatorintel-blognetwork
High
58
Jun 25, 26
IP76.92.245.217
exploitintel-blognetwork
High
58
Jun 25, 26
CVECVE-2026-20245
exploitintel-blogmalware
High
71
Jun 5, 26
IP207.190.37.94
indicatorintel-blognetwork
High
58
Jun 25, 26
IP23.245.7.178
indicatorintel-blognetwork
High
58
Jun 25, 26
CVECVE-2026-20182
exploitintel-blogmalware
High
69
Jun 2, 26
IP167.179.79.189
indicatorintel-blognetwork
High
58
Jun 25, 26
CVECVE-2026-20127
exploitintel-blogmalware
High
61
Jun 3, 26

IOC Relationship Graph

IOC Relationship Graph11 total IOCs
IPCVE
IP8CVE3REPORTCisco Catalyst SD-WAN Mana
scroll to zoom · drag to pan · click IOC to open