CVE-2026-20113

MEDIUM

Cisco IOS XE Software <16.6.1 - CRLF Injection

Title source: llm

Description

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to arbitrarily inject log entries, manipulate the structure of log files, or obscure legitimate log events.

References (1)

Core 1

Core References

cisco-sa-iox-crlf-NvgKTKJZ

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-crlf-NvgKTKJZ

Scores

CVSS v3 5.3

EPSS 0.0029

EPSS Percentile 20.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-93

Status published

Products (50)

Cisco/Cisco IOS XE Software 16.10.1

Cisco/Cisco IOS XE Software 16.10.1a

Cisco/Cisco IOS XE Software 16.10.1b

Cisco/Cisco IOS XE Software 16.10.1c

Cisco/Cisco IOS XE Software 16.10.1d

Cisco/Cisco IOS XE Software 16.10.1e

Cisco/Cisco IOS XE Software 16.10.1f

Cisco/Cisco IOS XE Software 16.10.1g

Cisco/Cisco IOS XE Software 16.10.1s

Cisco/Cisco IOS XE Software 16.10.2

... and 40 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026