CVE-2020-26078

A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. The vulnerability is due to insufficient file system protections. An attacker could exploit this vulnerability by crafting API requests and sending them to an affected system. A successful exploit could allow the attacker to overwrite files on an affected system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-11-18 18:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-26078

Mitre link : CVE-2020-26078

CVE.ORG link : CVE-2020-26078


JSON object : View

Products Affected

cisco

  • iot_field_network_director
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-73

External Control of File Name or Path