How severe is CVE-2020-26071?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2020-26071?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2020-26071 - HIGH Severity | CVSS 8.4

Vulnerability Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2018-7098

HIGH

CVSS:8.4(High)

A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.

CWE-222018

CVE-2020-8144

HIGH

CVSS:8.4(High)

The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure th...

CWE-222020

CVE-2021-20134

HIGH

CVSS:8.4(High)

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set an arbitrary file ...

CWE-222021

CVE-2024-1708

HIGH

CVSS:8.4(High)

ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical...

CWE-222024

CVE-2024-3322

HIGH

CVSS:8.4(High)

A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limita...

CWE-222024

CVE-2024-41799

HIGH

CVSS:8.4(High)

tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on...

CWE-222024