Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability
Description
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated remote attacker can overwrite arbitrary files and escalate to root via improper input validation of the save command in Cisco SD-WAN Solution CLI.
Vulnerability
A vulnerability in the Cisco SD-WAN Solution allows an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The flaw resides in the improper input validation of the save command within the CLI of the affected software. Affected components include vManage, vBond, vSmart, and vEdge devices running specific software versions as detailed in the Cisco advisory [1].
Exploitation
An attacker must have valid credentials to access the CLI of an affected device. The attacker then issues a crafted save command that bypasses input validation, enabling the overwrite of arbitrary files. No additional user interaction is required beyond authentication.
Impact
Successful exploitation allows the attacker to overwrite arbitrary files on the underlying operating system, leading to privilege escalation to the root user. This grants full control over the affected device, potentially compromising confidentiality, integrity, and availability.
Mitigation
Cisco has released free software updates to address this vulnerability. Customers should upgrade to the fixed versions specified in the advisory [1]. No workarounds are available. The vulnerability is not listed in the Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Cisco/Cisco SD-WAN Solutionv5Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-writemitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/106716mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.