CVE-2026-20122 affects Cisco Catalyst SD-WAN Manager and permits arbitrary file overwrites through improper API-level file handling, enabling privilege escalation to vmanage user level via malicious file upload vectors. The vulnerability stems from insufficient validation of file operations on the API interface, allowing an unauthenticated or low-privileged threat actor to manipulate the local file system. Exploitation could result in complete compromise of SD-WAN management infrastructure, particularly in deployments handling enterprise traffic segmentation and routing policies.