CVE-2026-20122 in Catalyst SD-WAN Managerinformazioni

Riassunto

di MITRE • 25/02/2026

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system.

This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsabile

Cisco

Prenotare

08/10/2025

Divulgazione

25/02/2026

Moderazione

accettato

CPE

pronto

EPSS

0.07016

KEV

si

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!