CVE-2026-20129 - Vulnerability Analysis

Overview

Cisco Catalyst SD-WAN Manager < 20.18 contains a broken authentication caused by improper authentication in API user requests, letting unauthenticated remote attackers gain netadmin role privileges, exploit requires crafted API request.

Severity & Score

Impact

Unauthenticated attackers can gain netadmin privileges and execute commands, potentially compromising the entire system.

Mitigation

Upgrade to version 20.18 or later.

References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Feb 25, 2026

🔴 CVE-2026-20129 - Critical (9.8) A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the&nbsp;netadmin role. The vulnerability is due to improper ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20129/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner