CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Service Vulnerability
CVSS Score
7.7
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router. This vulnerability is due to improper error handling. An attacker could exploit this vulnerability by submitting crafted input to the web-based management interface. A successful exploit could allow the attacker to request unauthorized files from a remote router, causing the router to reload and resulting in a DoS condition.
| CWE | CWE-284 |
| Vendor | cisco |
| Product | cisco iot field network director (iot-fnd) |
| Ecosystems | |
| Industries | NetworkingTelecommunications |
| Published | May 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for cisco cisco iot field network director (iot-fnd)
Be the first to know when new high vulnerabilities affecting cisco cisco iot field network director (iot-fnd) are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
Cisco / Cisco IoT Field Network Director (IoT-FND)
4.5.1 4.4.3 4.1.0 4.1.3 4.6.1 4.1.1 4.4.0 4.2.0 4.4.2 4.3.0 4.6.0 4.4.4 4.3.2 4.1.2 4.4.1 4.5.0 4.3.1 4.7.0 4.6.2 4.7.1 4.7.2 4.8.0 4.8.1 4.9.0 4.9.1 4.10.0 4.9.2 4.11.0 4.12.0 4.12.1