Lucene search
K

5 matches found

Wallarm Lab
Wallarm Lab
added 2025/05/12 1:37 p.m.49 views

The Ongoing Risks of Hardcoded JWT Keys

In early May 2025, Cisco released software fixes to address a flaw in its IOS XE Software for Wireless LAN Controllers WLCs. The vulnerability, tracked as CVE-2025-20188, has a CVSS score of 10.0 and could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible syste...

10CVSS8.2AI score0.67914EPSS
Exploits6
The Hacker News
The Hacker News
added 2025/05/08 4:57 a.m.47 views

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188 , has been rated 10.0 on the CVSS...

10CVSS9.8AI score0.17894EPSS
Exploits1
Circl
Circl
added 2025/05/07 6:41 p.m.80 views

CVE-2025-20188

creationtimestamp| type| source ---|---|--- 2025-05-07 18:41:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lom2f62b632p 2025-05-08 02:43:45+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3lomvcpjlfc2z 2025-05-08 02:57:00+00:00| seen|...

10CVSS6.9AI score0.17894EPSS
Exploits1References125
NVD
NVD
added 2025/05/07 6:15 p.m.32 views

CVE-2025-20188

A vulnerability in the Out-of-Band Access Point AP Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. Th...

10CVSS0.17894EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/07 5:34 p.m.151 views

CVE-2025-20188

A vulnerability in the Out-of-Band Access Point AP Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. Th...

10CVSS0.17894EPSS
Exploits1References1
Rows per page
Query Builder