Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-20188 |
Description:
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.
This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.
Note: For exploitation to be successful, the Out-of-Band AP Image Download feature must be enabled on the device. It is not enabled by default.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
Security Impact Rating: Critical
CVE: CVE-2025-20188
EPSS Score: 5.82%
May 7th, 2025 (29 days ago)
|
|
CVE-2025-20140 |
Description:
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition.
This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of IPv6 network requests from an associated wireless IPv6 client to an affected device. To associate a client to a device, an attacker may first need to authenticate to the network, or associate freely in the case of a configured open network. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to stop responding, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2025-20140
EPSS Score: 0.02%
May 7th, 2025 (29 days ago)
|
|
Description: Cisco joins the agentic AI wave with the introduction of advanced LLMs to autonomously verify and investigate attacks.
May 1st, 2025 (about 1 month ago)
|
|
Description: All data of this company will be available for download on 11.05.2025.Founded in 2015 by Jon de la Cruz, De la Cruz Interior Design (DLC-ID) is a distinguished residential and hospitality design firm based in San Francisco. At his namesake fi ...
April 30th, 2025 (about 1 month ago)
|
|
Description: Cisco Talos discovered a sophisticated attack on critical infrastructure by ToyMaker and Cactus, using the LAGTOY backdoor to orchestrate a relentless double extortion scheme.
April 23rd, 2025 (about 1 month ago)
|
|
Description: Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024.
"The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan
April 18th, 2025 (about 2 months ago)
|
|
Description: Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. [...]
April 18th, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States.
"From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence," Cisco Talos researcher Joey Chen said in a Thursday analysis.
April 18th, 2025 (about 2 months ago)
|
|
Description: A newly upgraded version of a long-running malware strain called XorDDoS is being used to launch powerful distributed denial-of-service (DDoS) attacks, with the United States emerging as the primary target. According to new research from Cisco Talos, over 70% of attempted attacks using the XorDDoS malware between late 2023 and early 2025 were aimed at …
The post New “VIP” XorDDoS Malware Targets U.S. in Global Botnet Expansion appeared first on CyberInsider.
April 17th, 2025 (about 2 months ago)
|
|
Description: Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks.
April 17th, 2025 (about 2 months ago)
|