Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2026-20206— Cisco ThousandEyes BrowserBot Command Injection Vulnerability

CVSS 6.3 · Medium EPSS 0.12% · P31

Affected Version Matrix 10

VendorProductVersion RangeStatus
CiscoCisco ThousandEyes Enterprise AgentAgent 5.0affected
Agent 4.4.4affected
Agent 4.4.3affected
Agent 4.4.2affected
Agent 4.2affected
Agent 4.1affected
Agent 4.0affected
Agent 5.1affected
… +2 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-20206

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Cisco ThousandEyes BrowserBot Command Injection Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ThousandEyes Enterprise Agent, and no customer action is needed. This vulnerability was due to insufficient input validation of command arguments that are supplied by the user. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by authenticating to the ThousandEyes SaaS and submitting crafted input into the affected parameter. A successful exploit could have allowed the attacker to execute arbitrary commands within the BrowserBot container as the node user. To exploit this vulnerability, the attacker must have valid user credentials for the ThousandEyes SaaS and the ability to manage transaction tests.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco ThousandEyes Enterprise Agent 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco ThousandEyes Enterprise Agent是美国思科(Cisco)公司的一个应用程序。提供了扩展的可视性、自动化的见解和无缝的工作流程。 Cisco ThousandEyes Enterprise Agent存在操作系统命令注入漏洞,该漏洞源于BrowserBot组件中命令参数输入验证不足,可能导致认证远程攻击者以节点用户身份执行任意命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CiscoCisco ThousandEyes Enterprise Agent Agent 5.0 -

II. Public POCs for CVE-2026-20206

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-20206

登录查看更多情报信息。

Vendor Advisories for CVE-2026-20206 (1)

Same Patch Batch · Cisco · 2026-05-20 · 4 CVEs total

CVE-2026-2022310.0 CRITICALCisco Secure Workload Unauthorized API Access Vulnerability
CVE-2026-201716.8 MEDIUMCisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability
CVE-2026-201994.7 MEDIUMCisco ThousandEyes Virtual Appliance 注入漏洞

IV. Related Vulnerabilities

Same product: Cisco ThousandEyes Enterprise Agent
Same vendor: Cisco
Same weakness: CWE-78

V. Comments for CVE-2026-20206

No comments yet

Leave a comment