CVE-2026-20128

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 20.18

Description A flaw in the Data Collection Agent (DCA) feature allows an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This issue is caused by the presence of a credential file for the DCA user. An attacker can exploit this by sending a crafted HTTP request to read the file containing the DCA password, potentially allowing access to other affected systems and privilege escalation.

Recommendations Update to version 20.18 or later.