CVE-2025-20188 is a critical arbitrary file upload vulnerability found in Cisco IOS XE Wireless Controller Software, including versions used in Catalyst 9800 and Embedded Wireless Controllers. It is caused by a hard-coded JSON Web Token (JWT) that allows an unauthenticated, remote attacker to send specially crafted HTTPS requests to the AP image download interface. This functionality requires the Out-of-Band AP Image Download feature to be enabled, which is not the default setting on the affected devices.
Exploiting this vulnerability could enable an attacker to upload files, perform path traversal operations, and execute arbitrary commands with root privileges on the affected system. This could result in full control over the impacted device, posing a significant security risk.
🔗 Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis
🔗 Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
The NodeZero® platform empowers your organization to reduce its security risks by autonomously finding exploitable weaknesses in your network, giving you detailed guidance on how to prioritize and fix them, and letting you immediately verify that your fixes are effective.