Medium6.3Cisco Updated
Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability
cisco-sa-tebbot-cmdinj-wN3yQ5gn Published May 20, 2026Updated by vendor May 20, 2026
CVE-2026-20206
Affected products & platforms
CiscoUnclassified
Summary
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ThousandEyes Enterprise Agent, and no customer action is needed.
Affected versions
- Scope: This vulnerability affects Cisco ThousandEyes BrowserBot, which is cloud based.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Temporary workarounds
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.