Path traversal in Cisco DNA Center (Catalyst Center) - CVE-2026-20191
Published: July 2, 2026
Cisco DNA Center (Catalyst Center)
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to path traversal in the HTTP request handling component when processing user-supplied input. A remote attacker can send a crafted HTTP request to disclose sensitive information.
The issue allows reading arbitrary files from a restricted container on the affected device.