CVE-2026-20169 - Vulnerability Details

- Cisco IoT Field Network Director Command Injection Vulnerability

Description

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router.

This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in user EXEC mode on a remote router.

Published: 2026-05-06

Score: 6.4 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A command injection flaw exists in the web-based management interface of Cisco IoT Field Network Director. Insufficient input validation allows an authenticated attacker with low‑privilege credentials to submit crafted input that results in arbitrary command execution in the device’s user EXEC environment, and the ability to create, read, or delete files. This gives the attacker code‑execution capability for commands limited to user EXEC mode, potentially enabling further compromise of the router or network.

Affected Systems

Cisco believes the flaw impacts the Cisco IoT Field Network Director appliance. No specific firmware or software version information is provided in the advisory, so all installations of the device should be considered at risk until a patch is applied.

Risk and Exploitability

The vulnerability has a CVSS score of 6.4, reflecting moderate to high impact. The EPSS score is not available, and the flaw is not listed in the CISA KEV catalog. Attackers must first authenticate to the web interface with low‑privilege credentials, a condition that is likely satisfied by many operational accounts. Once authenticated, the attacker can submit malicious input and achieve command injection. The likely attack vector is via the web-based management interface where an authenticated user submits crafted input.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco IoT Field Network Director (IoT-FND)

unknown

Version	Status	Constraints
`4.5.1`	affected	—
`4.4.3`	affected	—
`4.1.0`	affected	—
`4.1.3`	affected	—
`4.6.1`	affected	—
`4.1.1`	affected	—
`4.4.0`	affected	—
`4.2.0`	affected	—
`4.4.2`	affected	—
`4.3.0`	affected	—
`4.6.0`	affected	—
`4.4.4`	affected	—
`4.3.2`	affected	—
`4.1.2`	affected	—
`4.4.1`	affected	—
`4.5.0`	affected	—
`4.3.1`	affected	—
`4.7.0`	affected	—
`4.6.2`	affected	—
`4.7.1`	affected	—
`4.7.2`	affected	—
`4.8.0`	affected	—
`4.8.1`	affected	—
`4.9.0`	affected	—
`4.9.1`	affected	—
`4.10.0`	affected	—
`4.9.2`	affected	—
`4.11.0`	affected	—
`4.12.0`	affected	—
`4.12.1`	affected	—

No data.

Vendor Product Confidence Versions

Cisco

Iot Field Network Director

81%

Version	Status	Scheme	Platform
`4.5.1`	affected	semver	—
`4.4.3`	affected	semver	—
`4.1.0`	affected	semver	—
`4.1.3`	affected	semver	—
`4.6.1`	affected	semver	—
`4.1.1`	affected	semver	—
`4.4.0`	affected	semver	—
`4.2.0`	affected	semver	—
`4.4.2`	affected	semver	—
`4.3.0`	affected	semver	—
`4.6.0`	affected	semver	—
`4.4.4`	affected	semver	—
`4.3.2`	affected	semver	—
`4.1.2`	affected	semver	—
`4.4.1`	affected	semver	—
`4.5.0`	affected	semver	—
`4.3.1`	affected	semver	—
`4.7.0`	affected	semver	—
`4.6.2`	affected	semver	—
`4.7.1`	affected	semver	—
`4.7.2`	affected	semver	—
`4.8.0`	affected	semver	—
`4.8.1`	affected	semver	—
`4.9.0`	affected	semver	—
`4.9.1`	affected	semver	—
`4.10.0`	affected	semver	—
`4.9.2`	affected	semver	—
`4.11.0`	affected	semver	—
`4.12.0`	affected	semver	—
`4.12.1`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the official Cisco security update for the IoT Field Network Director to eliminate the command injection vulnerability.
Restrict user privileges on the management interface so that only necessary functions are available to low‑privilege accounts, or consider removing or disabling the interface for accounts that do not require it.
Limit access to the web‑based management interface by firewall rules, VPN, or bastion hosts to ensure only trusted systems or personnel can reach it.
Continuously monitor logs for anomalous command execution, file modifications, or unauthorized access attempts.

Generated by OpenCVE AI on May 6, 2026 at 17:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00066.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u

History

Thu, 07 May 2026 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco iot Field Network Director
Vendors & Products		Cisco Cisco iot Field Network Director

Wed, 06 May 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 06 May 2026 16:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in user EXEC mode on a remote router.
Title		Cisco IoT Field Network Director Command Injection Vulnerability
Weaknesses		CWE-77
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u
Metrics		cvssV3_1 `{'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}`

Subscriptions

Cisco Iot Field Network Director

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2026-05-06T16:15:48.405Z

Updated: 2026-05-06T17:26:55.572Z

Reserved: 2025-10-08T11:59:15.391Z

Link: CVE-2026-20169

Vulnrichment

Updated: 2026-05-06T17:26:51.552Z

NVD

Status : Awaiting Analysis

Published: 2026-05-06T17:16:20.743

Modified: 2026-05-06T18:59:53.230

Link: CVE-2026-20169

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T18:15:34Z

Weaknesses

CWE-77

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object