Cisco SD-WAN Software Arbitrary File Corruption Vulnerability
Description
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco SD-WAN Software CLI command insufficient validation allows authenticated local attackers to overwrite arbitrary files, leading to denial of service or system compromise.
Vulnerability
The vulnerability resides in the CLI of Cisco SD-WAN Software, affecting releases earlier than 18.4, 18.4 before 18.4.6, 19.2 before 19.2.3, 20.1 before 20.1.2, 20.3 before 20.3.1, 20.4 before 20.4.1, and 20.5 before 20.5.1. Insufficient validation of user-supplied input parameters for a specific CLI command allows an authenticated local attacker to overwrite arbitrary files on the underlying host file system [1].
Exploitation
An attacker must have local authenticated access to the Cisco SD-WAN device. The attacker issues the vulnerable CLI command with crafted parameters to overwrite the content of any arbitrary files residing on the host file system [1]. No further user interaction or network access is required beyond that local authentication.
Impact
Successful exploitation enables the attacker to overwrite the contents of arbitrary files, potentially causing denial of service (by corrupting critical system files), data corruption, or enabling further privilege escalation depending on which files are targeted [1].
Mitigation
Cisco has released fixed versions: 18.4.6, 19.2.3, 20.1.2, 20.3.1, 20.4.1, and 20.5.1 for the affected software trains. No workarounds are available. Users should upgrade to these or later releases as indicated in the Cisco Security Advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Cisco/Cisco SD-WAN Solutionv5Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCnmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.