CVE-2025-20187

Description

A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected system. A successful exploit could allow the attacker to conduct directory traversal attacks and write files to an arbitrary location on the affected system.

Reserved 2024-10-10 | Published 2025-05-07 | Updated 2025-05-07 | Assigner cisco

Problem types

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unknown

20.1.12
affected

19.2.1
affected

18.4.4
affected

18.4.5
affected

20.1.1.1
affected

20.1.1
affected

19.3.0
affected

19.2.2
affected

19.2.099
affected

18.3.6
affected

18.3.7
affected

19.2.0
affected

18.3.8
affected

19.0.0
affected

19.1.0
affected

18.4.302
affected

18.4.303
affected

19.2.097
affected

19.2.098
affected

17.2.10
affected

18.3.6.1
affected

19.0.1a
affected

18.2.0
affected

18.4.3
affected

18.4.1
affected

17.2.8
affected

18.3.3.1
affected

18.4.0
affected

18.3.1
affected

17.2.6
affected

17.2.9
affected

18.3.4
affected

17.2.5
affected

18.3.1.1
affected

18.3.5
affected

18.4.0.1
affected

18.3.3
affected

17.2.7
affected

17.2.4
affected

18.3.0
affected

19.2.3
affected

18.4.501_ES
affected

20.3.1
affected

20.1.2
affected

19.2.929
affected

19.2.31
affected

20.3.2
affected

19.2.32
affected

20.3.2_925
affected

20.3.2.1
affected

20.3.2.1_927
affected

18.4.6
affected

20.1.2_937
affected

20.3.2_928
affected

20.3.2_929
affected

20.3.2.1_930
affected

19.2.4
affected

20.3.3
affected

19.2.4.0.1
affected

20.3.2_937
affected

20.3.3.1
affected

20.1.3
affected

20.3.3.1.2
affected

20.3.3.1.1
affected

20.3.3.1.7
affected

20.3.3.1.5
affected

20.3.3.1.10
affected

20.3.3.0.8
affected

20.3.4
affected

20.3.3.0.14
affected

19.2.4.0.8
affected

19.2.4.0.9
affected

20.3.4.0.1
affected

20.3.2.0.5
affected

20.3.3.0.17
affected

20.3.2.0.6
affected

20.3.3.0.16
affected

20.3.4.0.5
affected

20.3.4.0.6
affected

20.3.4.0.11
affected

20.3.3.0.18
affected

20.3.4.0.19
affected

20.3.4.0.20
affected

20.3.4.0.24
affected

20.10.1
affected

20.10.1_LI_Images
affected

20.11.1
affected

20.11.1_LI_Images
affected

20.3.3.2
affected

20.10.1.1
affected

20.3.4.0.25
affected

20.11.1.1
affected

20.3.4.0.26
affected

20.1.3.1
affected

20.11.1.2
affected

20.10.1.2
affected

20.12.1
affected

20.12.1_LI_Images
affected

20.12.2
affected

20.12.2_LI_Images
affected

20.13.1_LI_Images
affected

20.13.1
affected

20.12.3_LI_Images
affected

20.12.3
affected

20.14.1
affected

20.14.1_LI_Images
affected

20.12.3.1
affected

20.12.4
affected

20.15.1_LI_Images
affected

20.15.1
affected

20.12.4.0.03
affected

20.12.4_LI_Images
affected

20.12.4.0.4
affected

20.12.401
affected

20.12.4.1_LI_Images
affected

20.12.4.1
affected

References

sec.cloudapps.cisco.com/...ry/cisco-sa-sdwanarbfile-2zKhKZwJ (cisco-sa-sdwanarbfile-2zKhKZwJ)

cve.org (CVE-2025-20187)

nvd.nist.gov (CVE-2025-20187)

Download JSON