10

CVE-2025-20188

Medienbericht

Exploit

EPSS 3.11%
Veröffentlicht 07.05.2025 17:34:36
Zuletzt bearbeitet 23.06.2025 15:15:11
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.

 This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system.  An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP file upload interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version17.11.1

Cisco ≫ Ios Xe Version17.11.99sw

Cisco ≫ Ios Xe Version17.12.1

Cisco ≫ Ios Xe Version17.12.2

Cisco ≫ Ios Xe Version17.12.3

Cisco ≫ Ios Xe Version17.13.1

Cisco ≫ Ios Xe Version17.14.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.11%	0.863

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.heise.de/news/Sicherheitsupdates-Root-und-DoS-Attacken-auf-Cisco-Produkte-moeglich-10375924.html

Medienbericht

heise Security

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC

Vendor Advisory

https://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-wlc-arbitrary-file-upload-vulnerability-cve-2025-20188-analysis/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-20188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-20188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-20188

EUVD