Cisco Catalyst SD-WAN Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*
- >= 20.101, < 20.102
- >= 20.111, < 20.112
- >= 20.12, < 20.12.5
- >= 20.131, < 20.132
- >= 20.142, < 20.143
- >= 20.15, < 20.16.1
A vulnerability exists in the CLI of Cisco Catalyst SD-WAN Manager that allows an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This issue arises from improper access controls on files in the local file system. An attacker with valid read-only credentials and CLI access can exploit this vulnerability by executing a series of crafted commands. A successful exploit could enable the attacker to overwrite files and gain root privileges.
Exploitation of this vulnerability could lead to unauthorized file modifications and elevated privileges on the affected device.
Cisco has released software updates to address this vulnerability. Customers are advised to upgrade to a fixed release. For guidance on which release to upgrade to, consult the Cisco Security Advisories page.