CVE-2026-20122

MEDIUM 5.4

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

13th

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

CWE	CWE-648
Vendor	cisco
Product	cisco catalyst sd-wan manager
Ecosystems	Networking
Industries	NetworkingTelecommunications
Published	Feb 25, 2026
Last Updated	Mar 20, 2026

Stay Ahead of the Next One

Get instant alerts for cisco cisco catalyst sd-wan manager

Be the first to know when new medium vulnerabilities affecting cisco cisco catalyst sd-wan manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Affected Versions

Cisco / Cisco Catalyst SD-WAN Manager

20.1.12 19.2.1 18.4.4 18.4.5 20.1.1.1 20.1.1 19.3.0 19.2.2 19.2.099 18.3.6 18.3.7 19.2.0 18.3.8 19.0.0 19.1.0 18.4.302 18.4.303 19.2.097 19.2.098 17.2.10 18.3.6.1 19.0.1a 18.2.0 18.4.3 18.4.1 17.2.8 18.3.3.1 18.4.0 18.3.1 17.2.6 17.2.9 18.3.4 17.2.5 18.3.1.1 18.3.5 18.4.0.1 18.3.3 17.2.7 17.2.4 18.3.0 19.2.3 18.4.501_ES 20.3.1 20.1.2 19.2.929 19.2.31 20.3.2 19.2.32 20.3.2_925 20.3.2.1 20.3.2.1_927 18.4.6 20.1.2_937 20.4.1 20.3.2_928 20.3.2_929 20.4.1.0.1 20.3.2.1_930 19.2.4 20.5.0.1.1 20.4.1.1 20.3.3 19.2.4.0.1 20.3.2_937 20.3.3.1 20.5.1 20.1.3 20.3.3.0.4 20.3.3.1.2 20.3.3.1.1 20.4.1.2 20.3.3.0.2 20.4.1.1.5 20.4.1.0.01 20.4.1.0.02 20.3.3.1.7 20.3.3.1.5 20.5.1.0.1 20.3.3.1.10 20.3.3.0.8 20.4.2 20.4.2.0.1 20.3.4 20.3.3.0.14 19.2.4.0.8 19.2.4.0.9 20.3.4.0.1 20.3.2.0.5 20.6.1 20.5.1.0.2 20.3.3.0.17 20.6.1.1 20.6.0.18.3 20.3.2.0.6 20.6.0.18.4 20.4.2.0.2 20.3.3.0.16 20.3.4.0.5 20.6.1.0.1 20.3.4.0.6 20.6.2 20.7.1EFT2 20.3.4.0.9 20.3.4.0.11 20.4.2.0.4 20.3.3.0.18 20.7.1 20.6.2.1 20.3.4.1 20.5.1.1 20.4.2.1 20.4.2.1.1 20.3.4.1.1 20.3.813 20.3.4.0.19 20.4.2.2.1 20.5.1.2 20.3.4.2 20.3.814 20.4.2.2 20.6.2.2 20.3.4.2.1 20.7.1.1 20.3.4.1.2 20.6.2.2.2 20.3.4.0.20 20.6.2.2.3 20.4.2.2.2 20.3.5 20.6.2.0.4 20.4.2.2.3 20.3.4.0.24 20.6.2.2.7 20.6.3 20.3.4.2.2 20.4.2.2.4 20.7.1.0.2 20.8.1 20.3.5.0.8 20.3.5.0.9 20.4.2.2.8 20.3.5.0.7 20.6.3.0.7 20.6.3.0.5 20.6.3.0.10 20.6.3.0.2 20.7.2 20.9.1EFT2 20.6.3.0.11 20.6.3.1 20.6.3.0.14 20.6.4 20.9.1 20.6.3.0.19 20.6.3.0.18 20.3.6 20.9.1.1 20.6.3.0.23 20.6.4.0.4 20.6.3.0.25 20.6.5 20.6.3.0.27 20.9.2 20.9.2.1 20.6.3.0.29 20.6.3.0.31 20.6.3.0.32 20.10.1 20.6.3.0.33 20.9.2.0.01 20.9.1_LI_Images 20.10.1_LI_Images 20.9.2_LI_Images 20.3.7 20.9.3 20.6.5.1 20.11.1 20.11.1_LI_Images 20.9.3_LI_ Images 20.6.3.1.1 20.9.3.0.2 20.6.5.1.2 20.9.3.0.3 20.4.2.3 20.6.3.2 20.6.4.1 20.6.3.0.38 20.6.3.0.39 20.3.5.1 20.3.4.3 20.9.3.1 20.3.3.2 20.6.5.2 20.3.7.1 20.10.1.1 20.6.5.2.1 20.3.4.0.25 20.6.2.2.4 20.6.1.2 20.11.1.1 20.9.3.0.5 20.3.4.0.26 20.6.5.1.3 20.6.3.0.40 20.1.3.1 20.9.2.2 20.6.5.2.3 20.6.5.1.4 20.6.5.3 20.6.3.0.41 20.9.3.0.7 20.6.5.1.5 20.9.3.0.4 20.6.4.0.19 20.6.5.1.6 20.9.3.0.8 20.6.3.3 20.3.7.2 20.6.5.4 20.6.5.1.7 20.9.3.0.12 20.6.4.2 20.6.5.5 20.9.3.2 20.11.1.2 20.6.3.4 20.10.1.2 20.6.5.1.9 20.9.3.0.16 20.6.3.0.45 20.6.5.1.10 20.9.3.0.17 20.6.5.2.4 20.6.4.0.21 20.9.3.0.18 20.6.3.0.46 20.6.3.0.47 20.9.2.3 20.9.3.2_LI_Images 20.9.3.0.21 20.9.3.0.20 20.9.4_LI_Images 20.9.4 20.6.5.1.11 20.12.1 20.12.1_LI_Images 20.6.5.1.13 20.9.3.0.23 20.6.5.2.8 20.9.4.1 20.9.4.1_LI_Images 20.9.3.0.25 20.9.3.0.24 20.6.5.1.14 20.3.8 20.6.6 20.9.3.0.26 20.6.3.0.51 20.9.3.0.29 20.12.2 20.12.2_LI_Images 20.6.6.0.1 20.13.1_LI_Images 20.9.4.0.4 20.13.1 20.9.4.1.1 20.9.5 20.9.5_LI_Images 20.12.3_LI_Images 20.12.3 20.9.4.1.3 20.6.7 20.9.5.1 20.9.5.1_LI_Images 20.9.4.1.6 20.14.1 20.14.1_LI_Images 20.9.5.2 20.9.5.2.1 20.9.5.2_LI_Images 20.12.3.1 20.12.4 20.15.1_LI_Images 20.15.1 20.9.5.1.4 20.9.5.2.7 20.9.5.2.13 20.9.6 20.9.6_LI_Images 20.9.5.2.14 20.6.8 20.12.4.0.03 20.16.1 20.16.1_LI_Images 20.12.4_LI_Images 20.9.5.2.16 20.12.4.0.4 20.12.401 20.9.5.3 20.9.5.3_LI_Images 20.12.4.1_LI_Images 20.12.4.1 20.9.5.2.21 20.9.6.0.3 20.12.4.0.6 20.15.2_LI_Images 20.15.2 20.12.4_Monthly_ES5 20.12.5 20.12.5_LI_Images 20.9.7_LI _Images 20.9.7 20.15.3 20.15.3_ LI _Images 20.12.501 20.12.5.1_LI_Images 20.12.5.1 20.12.5.2_LI_Images 20.12.5.2 20.15.3.1 20.15.4_LI_Images 20.15.4 20.9.7.1_LI _Images 20.9.7.1 20.18.1 20.18.1_LI_Images 20.12.6_LI_Images 20.12.6 20.12.5.1.01 20.9.8 20.9.8_LI_Images 20.18.2 20.15.4.1_LI_Images 20.15.4.1 20.18.2_LI_Images

References

NVD ↗ CVE.org ↗ EPSS Data ↗

sec.cloudapps.cisco.com: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v