CVE-2025-20202
https://notcve.org/view.php?id=CVE-2025-20202
07 May 2025 — A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpect... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K • CWE-805: Buffer Access with Incorrect Length Value

CVE-2025-20190
https://notcve.org/view.php?id=CVE-2025-20190
07 May 2025 — A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby ambassador users. An attacker could exploit this vulnerability by logging in to an affected device with a lobby ambassador user account and sending crafted HTTP requests to the API. A successful exploit could allow ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj • CWE-284: Improper Access Control

CVE-2025-20188
https://notcve.org/view.php?id=CVE-2025-20188
07 May 2025 — A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files... • https://github.com/Sratet/CVE-2025-20188 • CWE-798: Use of Hard-coded Credentials

CVE-2025-20214
https://notcve.org/view.php?id=CVE-2025-20214
07 May 2025 — A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have be... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ • CWE-639: Authorization Bypass Through User-Controlled Key

CVE-2025-20137
https://notcve.org/view.php?id=CVE-2025-20137
07 May 2025 — A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL and a dynamic ACL of IP Source Guard on the same interface, which is an unsupported configuration. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk • CWE-284: Improper Access Control

CVE-2025-20154 – Cisco IOS, IOS XE and IOS XR Software TWAMP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20154
07 May 2025 — A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this vulnerability could cause the ipsla_ippm_server process to reload unexpectedly if debugs are enabled. This vulnerability is due to out-of-bounds array access when processing specially crafted TWAMP control p... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn • CWE-20: Improper Input Validation

CVE-2025-20151 – Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
https://notcve.org/view.php?id=CVE-2025-20151
07 May 2025 — A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Soft... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy • CWE-16: Configuration

CVE-2025-20209 – Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20209
12 Mar 2025 — A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to prevent the affected device from processing any control p... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-770: Allocation of Resources Without Limits or Throttling

CVE-2025-20177 – Cisco IOS XR Software Image Verification Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20177
12 Mar 2025 — A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass som... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-274: Improper Handling of Insufficient Privileges

CVE-2025-20146 – Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Routing Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20146
12 Mar 2025 — A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed IPv4 multicast packets that are received on line cards where the interface has either an IPv4 acces... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-20: Improper Input Validation