Main
Vulnerability Database
Exploits
ID:12490 - Exploit for Improper authentication in Catalyst SD-WAN Controller (formerly SD-WAN vSmart) and Catalyst SD-WAN Manager (formerly SD-WAN vManage) - CVE-2026-20127
ID:12490 - Exploit for Improper authentication in Catalyst SD-WAN Controller (formerly SD-WAN vSmart) and Catalyst SD-WAN Manager (formerly SD-WAN vManage) - CVE-2026-20127
Published: March 13, 2026
Vulnerability identifier: #VU123273
Vulnerability risk: Critical
CVE-ID: CVE-2026-20127
CWE-ID: CWE-287
Exploitation vector: Remote access
Vulnerable software:
Catalyst SD-WAN Controller (formerly SD-WAN vSmart)
Catalyst SD-WAN Manager (formerly SD-WAN vManage)
Catalyst SD-WAN Controller (formerly SD-WAN vSmart)
Catalyst SD-WAN Manager (formerly SD-WAN vManage)
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication mechanism. A remote non-authenticated attacker can send specially crafted requests to bypass authentication process and access NETCONF, which would then allow to manipulate network configuration for the SD-WAN fabric.
Note, the vulnerability is being actively exploited in the wild.
Remediation
Install updates from vendor's website.