7 matches found
VulnCheck KEV: CVE-2026-20122
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...
EUVD-2026-8673
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...
CVE-2026-20122
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...
CVE-2026-20122 Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...
PT-2026-21952
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description An issue in the API of Cisco Catalyst SD-WAN Manager, specifically within the Data Collection Agent DCA service, results from improper file handling and the incorrect us...
The vulnerability of the user interface of the programmatically defined Cisco SD-WAN network allows a hacker to execute arbitrary commands with user privileges from the vmanage system within the vulnerable system.
The vulnerability of the programmable user interface in Cisco SD-WAN networks is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with privileges as the vmanage user on the vulnerable system...
CVE-2019-12629
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...