CVE-2026-20169
mediumCVSS v3 Base Score
6.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS Score
0.2%
Exploitation probability in 30 days
Top 89% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
Low
Integrity
Low
Availability
None
Vulnerability Report
Generated by CyberWatcher
Description
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router.
This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in user EXEC mode on a remote router.
CWE
CWE-77Affected Products
cisco iot field network director