CVE-2026-20224

cis · catalyst sd-wan manager

Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability

Description

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system. The attacker does not need to have valid user credentials. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to read arbitrary files that are stored in the affected system.

Affected Products

Vendor	Product	Versions
cis	catalyst sd-wan manager	20.1.12, 19.2.1, 18.4.4, 18.4.5, 20.1.1.1, 20.1.1, 19.3.0, 19.2.2, 19.2.099, 18.3.6, 18.3.7, 19.2.0, 18.3.8, 19.0.0, 19.1.0, 18.4.302, 18.4.303, 19.2.097, 19.2.098, 17.2.10, 18.3.6.1, 19.0.1a, 18.2.0, 18.4.3, 18.4.1, 17.2.8, 18.3.3.1, 18.4.0, 18.3.1, 17.2.6, 17.2.9, 18.3.4, 17.2.5, 18.3.1.1, 18.3.5, 18.4.0.1, 18.3.3, 17.2.7, 17.2.4, 18.3.0, 19.2.3, 18.4.501_ES, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 20.3.2_925, 20.3.2.1, 20.3.2.1_927, 18.4.6, 20.1.2_937, 20.4.1, 20.3.2_928, 20.3.2_929, 20.4.1.0.1, 20.3.2.1_930, 19.2.4, 20.5.0.1.1, 20.4.1.1, 20.3.3, 19.2.4.0.1, 20.3.2_937, 20.3.3.1, 20.5.1, 20.1.3, 20.3.3.0.4, 20.3.3.1.2, 20.3.3.1.1, 20.4.1.2, 20.3.3.0.2, 20.4.1.1.5, 20.4.1.0.01, 20.4.1.0.02, 20.3.3.1.7, 20.3.3.1.5, 20.5.1.0.1, 20.3.3.1.10, 20.3.3.0.8, 20.4.2, 20.4.2.0.1, 20.3.4, 20.3.3.0.14, 19.2.4.0.8, 19.2.4.0.9, 20.3.4.0.1, 20.3.2.0.5, 20.6.1, 20.5.1.0.2, 20.3.3.0.17, 20.6.1.1, 20.6.0.18.3, 20.3.2.0.6, 20.6.0.18.4, 20.4.2.0.2, 20.3.3.0.16, 20.3.4.0.5, 20.6.1.0.1, 20.3.4.0.6, 20.6.2, 20.7.1EFT2, 20.3.4.0.9, 20.3.4.0.11, 20.4.2.0.4, 20.3.3.0.18, 20.7.1, 20.6.2.1, 20.3.4.1, 20.5.1.1, 20.4.2.1, 20.4.2.1.1, 20.3.4.1.1, 20.3.813, 20.3.4.0.19, 20.4.2.2.1, 20.5.1.2, 20.3.4.2, 20.3.814, 20.4.2.2, 20.6.2.2, 20.3.4.2.1, 20.7.1.1, 20.3.4.1.2, 20.6.2.2.2, 20.3.4.0.20, 20.6.2.2.3, 20.4.2.2.2, 20.3.5, 20.6.2.0.4, 20.4.2.2.3, 20.3.4.0.24, 20.6.2.2.7, 20.6.3, 20.3.4.2.2, 20.4.2.2.4, 20.7.1.0.2, 20.8.1, 20.3.5.0.8, 20.3.5.0.9, 20.4.2.2.8, 20.3.5.0.7, 20.6.3.0.7, 20.6.3.0.5, 20.6.3.0.10, 20.6.3.0.2, 20.7.2, 20.9.1EFT2, 20.6.3.0.11, 20.6.3.1, 20.6.3.0.14, 20.6.4, 20.9.1, 20.6.3.0.19, 20.6.3.0.18, 20.3.6, 20.9.1.1, 20.6.3.0.23, 20.6.4.0.4, 20.6.3.0.25, 20.6.5, 20.6.3.0.27, 20.9.2, 20.9.2.1, 20.6.3.0.29, 20.6.3.0.31, 20.6.3.0.32, 20.10.1, 20.6.3.0.33, 20.9.2.0.01, 20.9.1_LI_Images, 20.10.1_LI_Images, 20.9.2_LI_Images, 20.3.7, 20.9.3, 20.6.5.1, 20.11.1, 20.11.1_LI_Images, 20.9.3_LI_ Images, 20.6.3.1.1, 20.9.3.0.2, 20.6.5.1.2, 20.9.3.0.3, 20.4.2.3, 20.6.3.2, 20.6.4.1, 20.6.3.0.38, 20.6.3.0.39, 20.3.5.1, 20.3.4.3, 20.9.3.1, 20.3.3.2, 20.6.5.2, 20.3.7.1, 20.10.1.1, 20.6.5.2.1, 20.3.4.0.25, 20.6.2.2.4, 20.6.1.2, 20.11.1.1, 20.9.3.0.5, 20.3.4.0.26, 20.6.5.1.3, 20.6.3.0.40, 20.1.3.1, 20.9.2.2, 20.6.5.2.3, 20.6.5.1.4, 20.6.5.3, 20.6.3.0.41, 20.9.3.0.7, 20.6.5.1.5, 20.9.3.0.4, 20.6.4.0.19, 20.6.5.1.6, 20.9.3.0.8, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.6.5.1.7, 20.9.3.0.12, 20.6.4.2, 20.6.5.5, 20.9.3.2, 20.11.1.2, 20.6.3.4, 20.10.1.2, 20.6.5.1.9, 20.9.3.0.16, 20.6.3.0.45, 20.6.5.1.10, 20.9.3.0.17, 20.6.5.2.4, 20.6.4.0.21, 20.9.3.0.18, 20.6.3.0.46, 20.6.3.0.47, 20.9.2.3, 20.9.3.2_LI_Images, 20.9.3.0.21, 20.9.3.0.20, 20.9.4_LI_Images, 20.9.4, 20.6.5.1.11, 20.12.1, 20.12.1_LI_Images, 20.6.5.1.13, 20.9.3.0.23, 20.6.5.2.8, 20.9.4.1, 20.9.4.1_LI_Images, 20.9.3.0.25, 20.9.3.0.24, 20.6.5.1.14, 20.3.8, 20.6.6, 20.9.3.0.26, 20.6.3.0.51, 20.9.3.0.29, 20.12.2, 20.12.2_LI_Images, 20.6.6.0.1, 20.13.1_LI_Images, 20.9.4.0.4, 20.13.1, 20.9.4.1.1, 20.9.5, 20.9.5_LI_Images, 20.12.3_LI_Images, 20.12.3, 20.9.4.1.3, 20.6.7, 20.9.5.1, 20.9.5.1_LI_Images, 20.9.4.1.6, 20.14.1, 20.14.1_LI_Images, 20.9.5.2, 20.9.5.2.1, 20.9.5.2_LI_Images, 20.12.3.1, 20.12.4, 20.15.1_LI_Images, 20.15.1, 20.9.5.1.4, 20.9.5.2.7, 20.9.5.2.13, 20.9.6, 20.9.6_LI_Images, 20.9.5.2.14, 20.6.8, 20.12.4.0.03, 20.16.1, 20.16.1_LI_Images, 20.12.4_LI_Images, 20.9.5.2.16, 20.12.4.0.4, 20.12.401, 20.9.5.3, 20.9.5.3_LI_Images, 20.12.4.1_LI_Images, 20.12.4.1, 20.9.5.2.21, 20.9.6.0.3, 20.12.4.0.6, 20.15.2_LI_Images, 20.15.2, 20.12.4_Monthly_ES5, 20.12.5, 20.12.5_LI_Images, 20.9.7_LI _Images, 20.9.7, 20.15.3, 20.15.3_ LI _Images, 20.12.501, 20.12.5.1_LI_Images, 20.12.5.1, 20.12.5.2_LI_Images, 20.12.5.2, 20.15.3.1, 20.15.4_LI_Images, 20.15.4, 20.9.7.1_LI _Images, 20.9.7.1, 20.18.1, 20.18.1_LI_Images, 20.12.6_LI_Images, 20.12.6, 20.12.5.1.01, 26.0.1, 20.9.8, 20.9.8_LI_Images, 20.18.2, 20.15.4.1_LI_Images, 20.15.4.1, 20.18.2_LI_Images, 26.1.1, 26.1.1_LI_Images, 20.18.2.1_LI_Images, 20.18.2.1, 20.15.4.2_LI_Images, 20.15.4.2, 20.12.6.1, 20.12.6.1_LI_Images, 20.12.5.3, 20.12.5.3_LI_Images, 20.9.8.2_LI_Images, 20.9.8.2, 20.18.3, 20.18.3_LI_Images, 20.15.5, 20.15.5_LI_Images, 20.12.7, 20.12.7_LI_Images, 20.9.9, 20.9.9_LI_Images, 20.18.2.2, 20.18.2.2_LI_Images, 20.12.5.4, 20.12.5.4_LI_ Images, 20.12.7.1_LI_Images, 20.12.6.2_LI_Images, 20.12.7.1

References

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-20224 | Cisco Catalyst SD-WAN Manager up to 26.1.1_LI_Images XML File Parser xml external entity reference (cisco-sa-sdwan-mltvnps2-JxpWm7R)

→ No new info (linked only)

CVSS 3.18.6 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited❌ No

CWECWE-20

PublishedMay 14, 2026

Last enriched2h agov2

Trending Score37

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-20127EXPKEV

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r

Trending: 117

NONECVE-2026-20188

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Trending: 55

MEDIUMCVE-2026-20209EXP

Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

Trending: 48

MEDIUMCVE-2026-20210

Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

Trending: 28

HIGHCVE-2026-20034EXP

Cisco Unity Connection Remote Code Execution Vulnerability

Trending: 24

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 14, 2026

Discovered by ZDM

May 14, 2026

Updated: severity

May 14, 2026

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated affected versions to include 26.1.1_LI_Images and changed severity to MEDIUM.

severity

via VulDB

v13h ago

Initial creation

Description

Affected Products

Vendor

Product

Versions

cis

catalyst sd-wan manager

20.1.12, 19.2.1, 18.4.4, 18.4.5, 20.1.1.1, 20.1.1, 19.3.0, 19.2.2, 19.2.099, 18.3.6, 18.3.7, 19.2.0, 18.3.8, 19.0.0, 19.1.0, 18.4.302, 18.4.303, 19.2.097, 19.2.098, 17.2.10, 18.3.6.1, 19.0.1a, 18.2.0, 18.4.3, 18.4.1, 17.2.8, 18.3.3.1, 18.4.0, 18.3.1, 17.2.6, 17.2.9, 18.3.4, 17.2.5, 18.3.1.1, 18.3.5, 18.4.0.1, 18.3.3, 17.2.7, 17.2.4, 18.3.0, 19.2.3, 18.4.501_ES, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 20.3.2_925, 20.3.2.1, 20.3.2.1_927, 18.4.6, 20.1.2_937, 20.4.1, 20.3.2_928, 20.3.2_929, 20.4.1.0.1, 20.3.2.1_930, 19.2.4, 20.5.0.1.1, 20.4.1.1, 20.3.3, 19.2.4.0.1, 20.3.2_937, 20.3.3.1, 20.5.1, 20.1.3, 20.3.3.0.4, 20.3.3.1.2, 20.3.3.1.1, 20.4.1.2, 20.3.3.0.2, 20.4.1.1.5, 20.4.1.0.01, 20.4.1.0.02, 20.3.3.1.7, 20.3.3.1.5, 20.5.1.0.1, 20.3.3.1.10, 20.3.3.0.8, 20.4.2, 20.4.2.0.1, 20.3.4, 20.3.3.0.14, 19.2.4.0.8, 19.2.4.0.9, 20.3.4.0.1, 20.3.2.0.5, 20.6.1, 20.5.1.0.2, 20.3.3.0.17, 20.6.1.1, 20.6.0.18.3, 20.3.2.0.6, 20.6.0.18.4, 20.4.2.0.2, 20.3.3.0.16, 20.3.4.0.5, 20.6.1.0.1, 20.3.4.0.6, 20.6.2, 20.7.1EFT2, 20.3.4.0.9, 20.3.4.0.11, 20.4.2.0.4, 20.3.3.0.18, 20.7.1, 20.6.2.1, 20.3.4.1, 20.5.1.1, 20.4.2.1, 20.4.2.1.1, 20.3.4.1.1, 20.3.813, 20.3.4.0.19, 20.4.2.2.1, 20.5.1.2, 20.3.4.2, 20.3.814, 20.4.2.2, 20.6.2.2, 20.3.4.2.1, 20.7.1.1, 20.3.4.1.2, 20.6.2.2.2, 20.3.4.0.20, 20.6.2.2.3, 20.4.2.2.2, 20.3.5, 20.6.2.0.4, 20.4.2.2.3, 20.3.4.0.24, 20.6.2.2.7, 20.6.3, 20.3.4.2.2, 20.4.2.2.4, 20.7.1.0.2, 20.8.1, 20.3.5.0.8, 20.3.5.0.9, 20.4.2.2.8, 20.3.5.0.7, 20.6.3.0.7, 20.6.3.0.5, 20.6.3.0.10, 20.6.3.0.2, 20.7.2, 20.9.1EFT2, 20.6.3.0.11, 20.6.3.1, 20.6.3.0.14, 20.6.4, 20.9.1, 20.6.3.0.19, 20.6.3.0.18, 20.3.6, 20.9.1.1, 20.6.3.0.23, 20.6.4.0.4, 20.6.3.0.25, 20.6.5, 20.6.3.0.27, 20.9.2, 20.9.2.1, 20.6.3.0.29, 20.6.3.0.31, 20.6.3.0.32, 20.10.1, 20.6.3.0.33, 20.9.2.0.01, 20.9.1_LI_Images, 20.10.1_LI_Images, 20.9.2_LI_Images, 20.3.7, 20.9.3, 20.6.5.1, 20.11.1, 20.11.1_LI_Images, 20.9.3_LI_ Images, 20.6.3.1.1, 20.9.3.0.2, 20.6.5.1.2, 20.9.3.0.3, 20.4.2.3, 20.6.3.2, 20.6.4.1, 20.6.3.0.38, 20.6.3.0.39, 20.3.5.1, 20.3.4.3, 20.9.3.1, 20.3.3.2, 20.6.5.2, 20.3.7.1, 20.10.1.1, 20.6.5.2.1, 20.3.4.0.25, 20.6.2.2.4, 20.6.1.2, 20.11.1.1, 20.9.3.0.5, 20.3.4.0.26, 20.6.5.1.3, 20.6.3.0.40, 20.1.3.1, 20.9.2.2, 20.6.5.2.3, 20.6.5.1.4, 20.6.5.3, 20.6.3.0.41, 20.9.3.0.7, 20.6.5.1.5, 20.9.3.0.4, 20.6.4.0.19, 20.6.5.1.6, 20.9.3.0.8, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.6.5.1.7, 20.9.3.0.12, 20.6.4.2, 20.6.5.5, 20.9.3.2, 20.11.1.2, 20.6.3.4, 20.10.1.2, 20.6.5.1.9, 20.9.3.0.16, 20.6.3.0.45, 20.6.5.1.10, 20.9.3.0.17, 20.6.5.2.4, 20.6.4.0.21, 20.9.3.0.18, 20.6.3.0.46, 20.6.3.0.47, 20.9.2.3, 20.9.3.2_LI_Images, 20.9.3.0.21, 20.9.3.0.20, 20.9.4_LI_Images, 20.9.4, 20.6.5.1.11, 20.12.1, 20.12.1_LI_Images, 20.6.5.1.13, 20.9.3.0.23, 20.6.5.2.8, 20.9.4.1, 20.9.4.1_LI_Images, 20.9.3.0.25, 20.9.3.0.24, 20.6.5.1.14, 20.3.8, 20.6.6, 20.9.3.0.26, 20.6.3.0.51, 20.9.3.0.29, 20.12.2, 20.12.2_LI_Images, 20.6.6.0.1, 20.13.1_LI_Images, 20.9.4.0.4, 20.13.1, 20.9.4.1.1, 20.9.5, 20.9.5_LI_Images, 20.12.3_LI_Images, 20.12.3, 20.9.4.1.3, 20.6.7, 20.9.5.1, 20.9.5.1_LI_Images, 20.9.4.1.6, 20.14.1, 20.14.1_LI_Images, 20.9.5.2, 20.9.5.2.1, 20.9.5.2_LI_Images, 20.12.3.1, 20.12.4, 20.15.1_LI_Images, 20.15.1, 20.9.5.1.4, 20.9.5.2.7, 20.9.5.2.13, 20.9.6, 20.9.6_LI_Images, 20.9.5.2.14, 20.6.8, 20.12.4.0.03, 20.16.1, 20.16.1_LI_Images, 20.12.4_LI_Images, 20.9.5.2.16, 20.12.4.0.4, 20.12.401, 20.9.5.3, 20.9.5.3_LI_Images, 20.12.4.1_LI_Images, 20.12.4.1, 20.9.5.2.21, 20.9.6.0.3, 20.12.4.0.6, 20.15.2_LI_Images, 20.15.2, 20.12.4_Monthly_ES5, 20.12.5, 20.12.5_LI_Images, 20.9.7_LI _Images, 20.9.7, 20.15.3, 20.15.3_ LI _Images, 20.12.501, 20.12.5.1_LI_Images, 20.12.5.1, 20.12.5.2_LI_Images, 20.12.5.2, 20.15.3.1, 20.15.4_LI_Images, 20.15.4, 20.9.7.1_LI _Images, 20.9.7.1, 20.18.1, 20.18.1_LI_Images, 20.12.6_LI_Images, 20.12.6, 20.12.5.1.01, 26.0.1, 20.9.8, 20.9.8_LI_Images, 20.18.2, 20.15.4.1_LI_Images, 20.15.4.1, 20.18.2_LI_Images, 26.1.1, 26.1.1_LI_Images, 20.18.2.1_LI_Images, 20.18.2.1, 20.15.4.2_LI_Images, 20.15.4.2, 20.12.6.1, 20.12.6.1_LI_Images, 20.12.5.3, 20.12.5.3_LI_Images, 20.9.8.2_LI_Images, 20.9.8.2, 20.18.3, 20.18.3_LI_Images, 20.15.5, 20.15.5_LI_Images, 20.12.7, 20.12.7_LI_Images, 20.9.9, 20.9.9_LI_Images, 20.18.2.2, 20.18.2.2_LI_Images, 20.12.5.4, 20.12.5.4_LI_ Images, 20.12.7.1_LI_Images, 20.12.6.2_LI_Images, 20.12.7.1