Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability

cisco-sa-te-agentfilewrite-tqUw3SMU · Medium · Published · Updated

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system of an affected device. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to bypass file system permissions and overwrite arbitrary files on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-agentfilewrite-tqUw3SMU

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2026-20161
Cisco Bug IDsCSCwt47572
CVSS ScoreBase 5.5
Base 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco ThousandEyes Enterprise Agent

Related Products

Product CVE Evidence
Cisco ThousandEyes Enterprise Agent CVE-2026-20161 Cisco OpenVuln