Skip to main content

Cisco Iot Field Network Director Iot Fnd

3 CVEs product

Monthly

CVE-2026-20167 HIGH This Week

Cisco IoT Field Network Director enables authenticated remote attackers with low-level privileges to crash remotely managed routers by submitting crafted requests through the web-based management interface. The vulnerability causes improper error handling that allows requesting unauthorized files from managed routers, forcing them to reload and creating a denial-of-service condition (CVSS 7.7, Changed Scope). No public exploit or active exploitation reported at time of analysis.

Authentication Bypass Cisco Cisco Iot Field Network Director Iot Fnd
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2026-20169 MEDIUM This Month

Cisco IoT Field Network Director's web-based management interface allows authenticated remote attackers with low privileges to execute arbitrary commands and access files on managed routers via insufficient input validation in the web interface. The vulnerability enables file creation, deletion, read operations, and execution of limited commands in user EXEC mode on remote routers. CVSS 6.4 (medium severity); no active exploitation or public POC identified at time of analysis.

Command Injection Cisco Cisco Iot Field Network Director Iot Fnd
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2026-20168 MEDIUM This Month

Authenticated remote attackers with low privileges can read arbitrary files via insufficient access controls in the web-based management interface of Cisco IoT Field Network Director. Exploitation requires valid login credentials and submission of crafted input through the management UI; successful attacks result in unauthorized file disclosure but do not enable modification or system disruption. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Cisco Cisco Iot Field Network Director Iot Fnd
NVD
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 7.7
HIGH This Week

Cisco IoT Field Network Director enables authenticated remote attackers with low-level privileges to crash remotely managed routers by submitting crafted requests through the web-based management interface. The vulnerability causes improper error handling that allows requesting unauthorized files from managed routers, forcing them to reload and creating a denial-of-service condition (CVSS 7.7, Changed Scope). No public exploit or active exploitation reported at time of analysis.

Authentication Bypass Cisco Cisco Iot Field Network Director Iot Fnd
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Cisco IoT Field Network Director's web-based management interface allows authenticated remote attackers with low privileges to execute arbitrary commands and access files on managed routers via insufficient input validation in the web interface. The vulnerability enables file creation, deletion, read operations, and execution of limited commands in user EXEC mode on remote routers. CVSS 6.4 (medium severity); no active exploitation or public POC identified at time of analysis.

Command Injection Cisco Cisco Iot Field Network Director Iot Fnd
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Authenticated remote attackers with low privileges can read arbitrary files via insufficient access controls in the web-based management interface of Cisco IoT Field Network Director. Exploitation requires valid login credentials and submission of crafted input through the management UI; successful attacks result in unauthorized file disclosure but do not enable modification or system disruption. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Cisco Cisco Iot Field Network Director Iot Fnd
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy