{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T05:30:17.187","vulnerabilities":[{"cve":{"id":"CVE-2026-20018","sourceIdentifier":"psirt@cisco.com","published":"2026-03-04T18:16:16.407","lastModified":"2026-03-05T19:39:11.967","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system.\r\n\r\nThis vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad sftunnel de Cisco Secure Cortafuegos Management Center (FMC) Software y Cisco Secure Cortafuegos Amenaza Defense (FTD) Software podría permitir a un atacante remoto autenticado con privilegios administrativos escribir archivos arbitrarios como root en el sistema operativo subyacente.\n\nEsta vulnerabilidad se debe a una validación insuficiente de la ruta del directorio durante la sincronización de archivos. Un atacante podría explotar esta vulnerabilidad al crear una ruta de directorio fuera de la ubicación de archivo esperada. Un exploit exitoso podría permitir al atacante crear o reemplazar cualquier archivo en el sistema operativo subyacente."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.2}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-27"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq","source":"psirt@cisco.com"}]}}]}