Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware of limited exploitation of the flaw, which could allow an authenticated attacker to create or overwrite files that may later be used to gain root privileges.
The vulnerability, tracked as CVE-2026–20262, affects the web interface of Cisco Catalyst SD-WAN Manager, formerly known as SD-WAN vManage, which enterprises use to manage SD-WAN deployments across distributed network environments.
Cisco said the flaw stems from insufficient validation of user-supplied input during a file upload process. An authenticated remote attacker with valid credentials and at least write access could exploit ...