CVE-2022-20775Cisco SD-WAN Path Traversal Vulnerability

PUBLISHEDvulnerability record
2026-02-25 · last modified February 25, 2026

Metadata

CVE ID:
CVE-2022-20775
项目:
Cisco
产品:
SD-WAN
添加日期:
2026-02-25
到期日:
2026-02-27
最后更新:
February 25, 2026

漏洞名称

Cisco SD-WAN Path Traversal Vulnerability

描述

Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.

已知用于勒索软件活动吗?

勒索软件状态:
Unknown

采集行动

Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

其他说明

相关新闻文章

相关 CWE