Skip to main content

Cisco Thousandeyes Enterprise Agent

1 CVEs product

Monthly

CVE-2026-20199 HIGH This Week

Command injection in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance lets an authenticated administrator upload a crafted certificate to execute arbitrary commands as root on the underlying operating system. The flaw stems from insufficient validation of user-supplied input (CWE-74) and carries a CVSS 7.2 (High) rating; the elevated impact comes from full root-level code execution despite the high-privilege precondition. No public exploit identified at time of analysis, and EPSS is very low at 0.04% (13th percentile), consistent with the CISA SSVC determination of no observed exploitation.

RCE Cisco Cisco Thousandeyes Enterprise Agent
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
EPSS 0% CVSS 7.2
HIGH This Week

Command injection in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance lets an authenticated administrator upload a crafted certificate to execute arbitrary commands as root on the underlying operating system. The flaw stems from insufficient validation of user-supplied input (CWE-74) and carries a CVSS 7.2 (High) rating; the elevated impact comes from full root-level code execution despite the high-privilege precondition. No public exploit identified at time of analysis, and EPSS is very low at 0.04% (13th percentile), consistent with the CISA SSVC determination of no observed exploitation.

RCE Cisco Cisco Thousandeyes Enterprise Agent
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy