Vulnerability Details CVE-2026-20169
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router.
This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in user EXEC mode on a remote router.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 10.6%
CVSS Severity
CVSS v3 Score 6.4
Products affected by CVE-2026-20169
-
cpe:2.3:a:cisco:iot_field_network_director:-
-
cpe:2.3:a:cisco:iot_field_network_director:3.2.0-182
-
cpe:2.3:a:cisco:iot_field_network_director:4.0.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.1.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.1.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.1.2
-
cpe:2.3:a:cisco:iot_field_network_director:4.1.3
-
cpe:2.3:a:cisco:iot_field_network_director:4.10.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.11.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.12.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.12.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.2(0.4)
-
cpe:2.3:a:cisco:iot_field_network_director:4.2(1.2)
-
cpe:2.3:a:cisco:iot_field_network_director:4.2.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.3(0.20)
-
cpe:2.3:a:cisco:iot_field_network_director:4.3.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.3.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.3.2
-
cpe:2.3:a:cisco:iot_field_network_director:4.4(0.26)
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.2
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.2-11
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.3
-
cpe:2.3:a:cisco:iot_field_network_director:4.4.4
-
cpe:2.3:a:cisco:iot_field_network_director:4.5.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.5.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.6.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.6.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.6.2
-
cpe:2.3:a:cisco:iot_field_network_director:4.7.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.7.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.7.2
-
cpe:2.3:a:cisco:iot_field_network_director:4.8.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.8.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.9.0
-
cpe:2.3:a:cisco:iot_field_network_director:4.9.1
-
cpe:2.3:a:cisco:iot_field_network_director:4.9.2
-
cpe:2.3:a:cisco:iot_field_network_director:5.0.0