9.8

Cisco Catalyst SD-WAN Manager: Unauthorized Access to System via API

CVE-2026-20129
Summary

An attacker could use a crafted API request to gain access to a Cisco Catalyst SD-WAN Manager system without needing a login. This could let them run commands with superuser permissions. If you're running versions of Cisco Catalyst SD-WAN Manager older than 20.18, you should update to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
| Vendor | Product | Affected versions | Fix available |
| --- | --- | --- | --- |
| cisco | catalyst_sd-wan_manager | <= 20.9.8.2 | |
| cisco | catalyst_sd-wan_manager | > 20.11, <= 20.12.5.3 | |
| cisco | catalyst_sd-wan_manager | > 20.13, <= 20.15.4.2 | |
| cisco | catalyst_sd-wan_manager | > 20.16, <= 20.18 | |
| cisco | catalyst_sd-wan_manager | 20.12.6 | |
Original title
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netad...
Original description
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role.

The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role.
Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.
nvd CVSS3.1 9.8
Vulnerability type
CWE-287 Improper Authentication
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026