⚠ Actively exploited
Added to CISA KEV on 2026-02-25. Federal agencies required to patch by 2026-02-27. Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available..

CVE-2022-20775Path Traversal: '/../filedir' in Cisco Catalyst Sd-wan Manager

CWE-25Path Traversal: '/../filedir'CWE-22Path TraversalCWE-282Improper Ownership Management7 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 37.27%
CISA KEV
KEV
Added 2026-02-25
Due 2026-02-27
Exploit
No known exploits
Affected products
10
Cisco Catalyst Sd-wan ManagerCisco Sd-wanCisco Sd-wan Vbond Orchestrator+7 more
Timeline
PublishedSep 30
KEV addedFeb 25
KEV dueFeb 27
CISA Required Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages10 packages

NVDcisco/sd-wan20.720.7.2+2
NVDcisco/sd-wan_vedge_cloud20.720.7.2+2
NVDcisco/catalyst_sd-wan_manager20.720.7.2+2
NVDcisco/sd-wan_vsmart_controller20.720.7.2+2
NVDcisco/sd-wan_vbond_orchestrator20.720.7.2+2

🔴Vulnerability Details

3
GHSA
GHSA-x65r-rvgh-v43v: Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges2022-10-01
CVEList
Cisco SD-WAN Software Privilege Escalation Vulnerability2022-09-30
VulnCheck
Cisco SD-WAN Path Traversal Vulnerability2022

📋Vendor Advisories

2
CISA
Cisco SD-WAN Path Traversal Vulnerability2026-02-25
Cisco
Cisco SD-WAN Software Privilege Escalation Vulnerabilities2022-09-28

🕵️Threat Intelligence

1
Threat Intel
UAT-8616
CVE-2022-20775 — Path Traversal: '/../filedir' in Cisco | cvebase