Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
4191 articles · 176248 vulns · 36/41 feeds (7d)
← Back to list
6.4
CVE-2026-20169
Cisco · Cisco IoT Field Network Director (IoT-FND)

Cisco IoT Field Network Director Command Injection Vulnerability

Description

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in user EXEC mode on a remote router.

Affected Products

VendorProductVersions
CiscoCisco IoT Field Network Director (IoT-FND)4.5.1, 4.4.3, 4.1.0, 4.1.3, 4.6.1, 4.1.1, 4.4.0, 4.2.0, 4.4.2, 4.3.0, 4.6.0, 4.4.4, 4.3.2, 4.1.2, 4.4.1, 4.5.0, 4.3.1, 4.7.0, 4.6.2, 4.7.1, 4.7.2, 4.8.0, 4.8.1, 4.9.0, 4.9.1, 4.10.0, 4.9.2, 4.11.0, 4.12.0, 4.12.1

References

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u

Related News (3 articles)

Tier B
CERT-FR69d ago
Multiples vulnérabilités dans les produits Cisco (07 mai 2026)
→ No new info (linked only)
Tier C
VulDB70d ago
CVE-2026-20169 | Cisco IoT Field Network Director up to 4.12.1 Web-based Management Interface command injection (cisco-sa-iot-fnd-dos-n8N26Q4u)
→ No new info (linked only)
Tier A
Cisco Security70d ago
Cisco IoT Field Network Director Vulnerabilities
→ No new info (linked only)
CVSS 3.16.4 MEDIUM
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
CISA KEV❌ No
Actively exploited❌ No
CWECWE-77
PublishedMay 6, 2026
Last enriched70d ago
Trending Score0
Source articles3
Independent3
Info Completeness8/14
Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

PRE-CVE
Multiple vulnerabilities in Cisco RoomOS
Trending: 20
PRE-CVE
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories
Trending: 2
PRE-CVEEXP
COM Usage in Windows Threats
Trending: 2
MEDIUMCVE-2026-20220
Cisco Crosswork Network Controller Remote Code Execution Vulnerability
Trending: 2
MEDIUMCVE-2026-20171
Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability

Pin to Dashboard

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

CVE Published
May 6, 2026
Discovered by ZDM
May 6, 2026