CVE-2026-20018 (GCVE-0-2026-20018)
Vulnerability from cvelistv5 – Published: 2026-03-04 17:39 – Updated: 2026-03-04 20:50
VLAI?
Title
Cisco Firepower Management Center Software and Firepower Threat Defense Path Traversal Vulnerability
Summary
A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system.
This vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system.
Severity ?
5.9 (Medium)
CWE
- CWE-27 - Path Traversal: 'dir/../../filename'
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Secure Firewall Management Center (FMC) |
Affected:
7.0.0
Affected: 7.0.0.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 7.0.1.1 Affected: 7.1.0.1 Affected: 7.0.2 Affected: 7.2.0 Affected: 7.0.2.1 Affected: 7.0.3 Affected: 7.1.0.2 Affected: 7.2.0.1 Affected: 7.0.4 Affected: 7.2.1 Affected: 7.0.5 Affected: 7.3.0 Affected: 7.2.2 Affected: 7.3.1 Affected: 7.2.3 Affected: 7.1.0.3 Affected: 7.2.3.1 Affected: 7.2.4 Affected: 7.0.6 Affected: 7.2.4.1 Affected: 7.2.5 Affected: 7.3.1.1 Affected: 7.4.0 Affected: 7.0.6.1 Affected: 7.2.5.1 Affected: 7.4.1 Affected: 7.2.6 Affected: 7.4.1.1 Affected: 7.0.6.2 Affected: 7.2.7 Affected: 7.2.5.2 Affected: 7.3.1.2 Affected: 7.2.8 Affected: 7.6.0 Affected: 7.4.2 Affected: 7.2.8.1 Affected: 7.0.6.3 Affected: 7.4.2.1 Affected: 7.2.9 Affected: 7.0.7 Affected: 7.7.0 Affected: 7.4.2.2 Affected: 7.2.10 Affected: 7.6.1 Affected: 7.4.2.3 Affected: 7.0.8 Affected: 7.6.2 Affected: 7.7.10 Affected: 7.2.10.1 Affected: 7.0.8.1 Affected: 7.6.2.1 Affected: 7.2.10.2 Affected: 7.7.10.1 Affected: 7.4.2.4 Affected: 7.4.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T20:50:47.125837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T20:50:59.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Firewall Management Center (FMC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.3.1"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.4.1.1"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.0.6.3"
},
{
"status": "affected",
"version": "7.4.2.1"
},
{
"status": "affected",
"version": "7.2.9"
},
{
"status": "affected",
"version": "7.0.7"
},
{
"status": "affected",
"version": "7.7.0"
},
{
"status": "affected",
"version": "7.4.2.2"
},
{
"status": "affected",
"version": "7.2.10"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.4.2.3"
},
{
"status": "affected",
"version": "7.0.8"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.10"
},
{
"status": "affected",
"version": "7.2.10.1"
},
{
"status": "affected",
"version": "7.0.8.1"
},
{
"status": "affected",
"version": "7.6.2.1"
},
{
"status": "affected",
"version": "7.2.10.2"
},
{
"status": "affected",
"version": "7.7.10.1"
},
{
"status": "affected",
"version": "7.4.2.4"
},
{
"status": "affected",
"version": "7.4.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Firewall Threat Defense (FTD) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.4.1.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.0.6.3"
},
{
"status": "affected",
"version": "7.4.2.1"
},
{
"status": "affected",
"version": "7.2.9"
},
{
"status": "affected",
"version": "7.0.7"
},
{
"status": "affected",
"version": "7.7.0"
},
{
"status": "affected",
"version": "7.4.2.2"
},
{
"status": "affected",
"version": "7.2.10"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.4.2.3"
},
{
"status": "affected",
"version": "7.0.8"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.10"
},
{
"status": "affected",
"version": "7.0.8.1"
},
{
"status": "affected",
"version": "7.6.2.1"
},
{
"status": "affected",
"version": "7.7.10.1"
},
{
"status": "affected",
"version": "7.4.2.4"
},
{
"status": "affected",
"version": "7.2.10.2"
},
{
"status": "affected",
"version": "7.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system.\r\n\r\nThis vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-27",
"description": "Path Traversal: \u0027dir/../../filename\u0027",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T17:39:46.973Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ftdfmc-dir-trav-wERgjhWq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq"
}
],
"source": {
"advisory": "cisco-sa-ftdfmc-dir-trav-wERgjhWq",
"defects": [
"CSCwq56017"
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Software and Firepower Threat Defense Path Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20018",
"datePublished": "2026-03-04T17:39:46.973Z",
"dateReserved": "2025-10-08T11:59:15.351Z",
"dateUpdated": "2026-03-04T20:50:59.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-20018\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2026-03-04T18:16:16.407\",\"lastModified\":\"2026-03-05T19:39:11.967\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-27\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq\",\"source\":\"psirt@cisco.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20018\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-04T20:50:47.125837Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-04T20:50:55.761Z\"}}], \"cna\": {\"title\": \"Cisco Firepower Management Center Software and Firepower Threat Defense Path Traversal Vulnerability\", \"source\": {\"defects\": [\"CSCwq56017\"], \"advisory\": \"cisco-sa-ftdfmc-dir-trav-wERgjhWq\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Firewall Management Center (FMC)\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.0\"}, {\"status\": \"affected\", \"version\": \"7.0.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.0.1.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.0.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.4\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.5\"}, {\"status\": \"affected\", \"version\": \"7.3.0\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.3.1\"}, {\"status\": \"affected\", \"version\": \"7.2.4\"}, {\"status\": \"affected\", \"version\": \"7.0.6\"}, {\"status\": \"affected\", \"version\": \"7.2.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.3.1.1\"}, {\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.0.6.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.6\"}, {\"status\": \"affected\", \"version\": \"7.4.1.1\"}, {\"status\": \"affected\", \"version\": \"7.0.6.2\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.2.5.2\"}, {\"status\": \"affected\", \"version\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8\"}, {\"status\": \"affected\", \"version\": \"7.6.0\"}, {\"status\": \"affected\", \"version\": \"7.4.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8.1\"}, {\"status\": \"affected\", \"version\": \"7.0.6.3\"}, {\"status\": \"affected\", \"version\": \"7.4.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.9\"}, {\"status\": \"affected\", \"version\": \"7.0.7\"}, {\"status\": \"affected\", \"version\": \"7.7.0\"}, {\"status\": \"affected\", \"version\": \"7.4.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.6.1\"}, {\"status\": \"affected\", \"version\": \"7.4.2.3\"}, {\"status\": \"affected\", \"version\": \"7.0.8\"}, {\"status\": \"affected\", \"version\": \"7.6.2\"}, {\"status\": \"affected\", \"version\": \"7.7.10\"}, {\"status\": \"affected\", \"version\": \"7.2.10.1\"}, {\"status\": \"affected\", \"version\": \"7.0.8.1\"}, {\"status\": \"affected\", \"version\": \"7.6.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.10.2\"}, {\"status\": \"affected\", \"version\": \"7.7.10.1\"}, {\"status\": \"affected\", \"version\": \"7.4.2.4\"}, {\"status\": \"affected\", \"version\": \"7.4.3\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Firewall Threat Defense (FTD) Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.0\"}, {\"status\": \"affected\", \"version\": \"7.0.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.0.1.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.0.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.4\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.5\"}, {\"status\": \"affected\", \"version\": \"7.3.0\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.4\"}, {\"status\": \"affected\", \"version\": \"7.0.6\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.2.4.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.1\"}, {\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.0.6.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.6\"}, {\"status\": \"affected\", \"version\": \"7.0.6.2\"}, {\"status\": \"affected\", \"version\": \"7.4.1.1\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.2.5.2\"}, {\"status\": \"affected\", \"version\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8\"}, {\"status\": \"affected\", \"version\": \"7.6.0\"}, {\"status\": \"affected\", \"version\": \"7.4.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8.1\"}, {\"status\": \"affected\", \"version\": \"7.0.6.3\"}, {\"status\": \"affected\", \"version\": \"7.4.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.9\"}, {\"status\": \"affected\", \"version\": \"7.0.7\"}, {\"status\": \"affected\", \"version\": \"7.7.0\"}, {\"status\": \"affected\", \"version\": \"7.4.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.6.1\"}, {\"status\": \"affected\", \"version\": \"7.4.2.3\"}, {\"status\": \"affected\", \"version\": \"7.0.8\"}, {\"status\": \"affected\", \"version\": \"7.6.2\"}, {\"status\": \"affected\", \"version\": \"7.7.10\"}, {\"status\": \"affected\", \"version\": \"7.0.8.1\"}, {\"status\": \"affected\", \"version\": \"7.6.2.1\"}, {\"status\": \"affected\", \"version\": \"7.7.10.1\"}, {\"status\": \"affected\", \"version\": \"7.4.2.4\"}, {\"status\": \"affected\", \"version\": \"7.2.10.2\"}, {\"status\": \"affected\", \"version\": \"7.4.3\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq\", \"name\": \"cisco-sa-ftdfmc-dir-trav-wERgjhWq\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-27\", \"description\": \"Path Traversal: \u0027dir/../../filename\u0027\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-03-04T17:39:46.973Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20018\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-04T20:50:59.298Z\", \"dateReserved\": \"2025-10-08T11:59:15.351Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-03-04T17:39:46.973Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…