Lucene search
K

3979 matches found

Vulnrichment
Vulnrichment
added 2026/05/14 4:8 p.m.7 views

CVE-2026-20210 Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to reda...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 4:8 p.m.35 views

CVE-2026-20224

CVE-2026-20224 : Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) web UI contains an XML External Entity (XXE) handling flaw in XML parsing that could allow an unauthenticated, remote attacker to read arbitrary files on the affected system. Attacker must send a crafted request; no valid cr...

8.6CVSS6AI score0.00696EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/14 4:8 p.m.9 views

EUVD-2026-30326

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to reda...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.9 views

CVE-2026-20209

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/14 4:8 p.m.33 views

CVE-2026-20209

Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) web UI vulnerability allows an authenticated, read-only user to elevate to a high-privilege role and take actions as a high-privileged user. Root cause: sensitive session information is logged in audit logs. Impact: privilege escalation with...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 4:8 p.m.8 views

CVE-2026-20209 Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 4:8 p.m.8 views

EUVD-2026-30327

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.9 views

CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS5.9AI score0.88496EPSS
In wildExploits4References4Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:8 p.m.69 views

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS0.88496EPSS
Exploits4References2
CVE
CVE
added 2026/05/14 4:8 p.m.176 views

CVE-2026-20182

Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) are affected by CVE-2026-20182, a critical authentication bypass in the DTLS vdaemon challenge flow. The issue permits a remote, unauthenticated attacker to masquerade as a trusted peer by sending a CHALLENGE_ACK with device t...

10CVSS6.2AI score0.88496EPSS
In wildExploits4References3Affected Software3
Talos Blog
Talos Blog
added 2026/05/14 4:2 p.m.11 views

Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage. Successful exploitation of CVE-2026-20182 allows an unauthenticated,...

10CVSS7.6AI score0.88496EPSS
Exploits14
Cisco
Cisco
added 2026/05/14 4:0 p.m.43 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

10CVSS6.2AI score0.88496EPSS
Exploits4References1
Cisco
Cisco
added 2026/05/14 4:0 p.m.13 views

Cisco Catalyst SD-WAN Manager Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details "details...

8.6CVSS5.8AI score0.00696EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2026/05/14 4:0 p.m.15 views

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller formerly known as vSmart, CVE-2026-20182. This new authentication...

10CVSS6.6AI score0.88496EPSS
Exploits4
CISA
CISA
added 2026/05/14 12:0 p.m.37 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20182link is external Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicio...

10CVSS6.1AI score0.88496EPSS
In wildExploits4References9
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.14 views

Cisco Catalyst SD-WAN Manager和Cisco Catalyst SD-WAN Controller 授权问题漏洞

Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage and Cisco Catalyst SD-WAN Controller are both products of the American company Cisco. Cisco Catalyst SD-WAN Manager is a highly customizable dashboard that can simplify and automate the deployment, configuration, management, and operation of Cisc...

10CVSS6.1AI score0.88496EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-40962

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager, previously known as SD-WAN vManage, allows an unauthenticated remote attacker to read arbitrary files from the...

8.6CVSS5.9AI score0.00696EPSS
Exploits0References12
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.29 views

VulnCheck KEV: CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.2AI score0.88496EPSS
In wildExploits4References6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40959

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Controller affected versions not specified Cisco Catalyst SD-WAN Manager affected versions not specified Cisco Catalyst SD-WAN Validator affected versions not specified Description A flaw in the peering authentication...

10CVSS7.1AI score0.88496EPSS
Exploits4References278
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.22 views

PT-2026-40960

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
Rows per page
Query Builder