← back
CVE-2026-20224

Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability

CVSS 8.6 HIGHEPSS 0.7%CWE-20
Vexday Risk Score
41Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 8.6EPSS 0.7%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
14 May 2026Published on NVD
15 May 2026Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system. The attacker does not need to have valid user credentials. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to read arbitrary files that are stored in the affected system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.