CVE-2025-20187

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions (affected versions not specified)

Description A vulnerability in the application data endpoints could allow an authenticated, remote attacker to write arbitrary files to an affected system. This issue is due to improper validation of requests to APIs. An attacker could exploit this by sending malicious requests to an API within the affected system, potentially conducting directory traversal attacks and writing files to arbitrary locations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.