10

CVE-2025-20188

Medienbericht

Exploit

EPSS 4.62%
Veröffentlicht 07.05.2025 17:34:36
Zuletzt bearbeitet 23.06.2025 15:15:11
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.

 This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system.  An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP file upload interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 7 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version17.11.1

Cisco ≫ Ios Xe Version17.11.99sw

Cisco ≫ Ios Xe Version17.12.1

Cisco ≫ Ios Xe Version17.12.2

Cisco ≫ Ios Xe Version17.12.3

Cisco ≫ Ios Xe Version17.13.1

Cisco ≫ Ios Xe Version17.14.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.62%	0.894

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.heise.de/news/Sicherheitsupdates-Root-und-DoS-Attacken-auf-Cisco-Produkte-moeglich-10375924.html

Media Report

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC

Vendor Advisory

https://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-wlc-arbitrary-file-upload-vulnerability-cve-2025-20188-analysis/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-20188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-20188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-20188

EUVD