CVE-2026-20127

The repository claims to provide an exploit for CVE-2026-20127 but lacks actual exploit code, instead directing users to an external download link. The README contains detailed usage instructions and technical claims but no functional code or technical analysis.

The repository contains a functional exploit for CVE-2026-20127, a pre-authentication RCE vulnerability in Cisco SD-WAN. The exploit leverages a hardcoded credential mechanism to bypass authentication and deploy a malicious WAR file, achieving remote code execution.

This repository provides a detailed technical analysis of CVE-2026-20127, a critical pre-authentication RCE vulnerability in Cisco SD-WAN. The README includes root cause analysis, exploitation mechanics, and real-world attack scenarios, but the Python exploit code is truncated and incomplete.

This repository contains a functional exploit for CVE-2026-20127, an authentication bypass vulnerability in Cisco Catalyst SD-WAN. The exploit automates the process of retrieving a DCA key, logging in, uploading a WAR file, and verifying exploitation via two detection methods.

The repository claims to exploit CVE-2026-20127 via an unauthenticated remote auth bypass but lacks actual exploit code, instead redirecting users to an external download link (tinyurl.com). The README is detailed but lacks technical depth and includes vague marketing language.

This repository contains a passive fingerprinting tool designed to identify internet-facing Cisco SD-WAN (vManage / Viptela) instances by scanning common ports and analyzing HTTP/HTTPS responses, TLS certificates, and service banners. It does not exploit CVE-2026-20127 but helps detect potentially exposed management interfaces.

This repository contains a detailed architectural documentation and compliance tracker for CISA ED 26-03, focusing on remediation steps for CVE-2026-20127 and CVE-2022-20775. It includes automated scripts to generate architecture diagrams and documentation but does not contain exploit code.

The repository contains a functional exploit for CVE-2026-20127, an authentication bypass vulnerability in Cisco Catalyst SD-WAN. The exploit leverages a directory traversal flaw to upload a malicious WAR file, enabling remote command execution via a deployed JSP webshell.