Details of VAR-202606-1203

ID

VAR-202606-1203

CVE

CVE-2026-20262

TITLE

Cisco Systems Cisco Catalyst SD-WAN Manager Past traversal vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-020168

DESCRIPTION

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account. An attacker could use a specially crafted... root This vulnerability can be used to escalate privileges. • All information handled by this software may be overwritten. • This software will not stop

Trust: 1.62

sources: NVD: CVE-2026-20262 // JVNDB: JVNDB-2026-020168

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.15.4.5	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.12.7.2	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	26.1	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.15.5.3	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.10	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.9.9.2	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.16	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	26.1.1.2	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.13	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.15.5	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.18.3.1	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.9.9.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.13 that's all 20.15.4.5	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.16 that's all 20.18.3.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.10 that's all 20.12.7.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.15.5 that's all 20.15.5.3	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	26.1 that's all 26.1.1.2	Trust: 0.8

sources: JVNDB: JVNDB-2026-020168 // NVD: CVE-2026-20262

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com:	CVE-2026-20262
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2026-020168
value:	MEDIUM
Trust: 0.8

psirt@cisco.com:	CVE-2026-20262
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-020168
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-020168 // NVD: CVE-2026-20262

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.0
problemtype:	Path traversal (CWE-22) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-020168 // NVD: CVE-2026-20262

PATCH

title:

Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability

url:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ

Trust: 0.8

sources: JVNDB: JVNDB-2026-020168

EXTERNAL IDS

db:	NVD	id:	CVE-2026-20262	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-020168	Trust: 0.8

sources: JVNDB: JVNDB-2026-020168 // NVD: CVE-2026-20262

REFERENCES

url:	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2026-20262	Trust: 1.8
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sdwan-arbfw-c2rzvq	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-20262	Trust: 0.8

sources: JVNDB: JVNDB-2026-020168 // NVD: CVE-2026-20262

SOURCES

db:	JVNDB	id:	JVNDB-2026-020168
db:	NVD	id:	CVE-2026-20262

LAST UPDATE DATE

2026-06-19T23:43:25.607000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-020168	date:	2026-06-17T06:46:00
db:	NVD	id:	CVE-2026-20262	date:	2026-06-16T12:54:55.373

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-020168	date:	2026-06-17T00:00:00
db:	NVD	id:	CVE-2026-20262	date:	2026-06-15T18:16:34.820