Description

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

INFO

Published Date :

2026-02-25T16:14:21.256Z

Last Modified :

2026-04-21T03:55:33.255Z

Source :

cisco
AFFECTED PRODUCTS

The following products are affected by CVE-2026-20122 vulnerability.

Vendors Products
Cisco
  • Catalyst Sd-wan Manager
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-20122.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20122 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact