CVE-2025-20334 | Cisco IOS XE up to 17.16.1a HTTP API Subsystem command injection (cisco-sa-ios-xe-cmd-inject-rPJM8BGL)

Inserito da Angelo Barbosa | Set 24, 2025 | CVE

A vulnerability classified as critical has been found in Cisco IOS XE. This affects an unknown function of the component HTTP API Subsystem. The manipulation leads to command injection.

This vulnerability is documented as CVE-2025-20334. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2025-20334 | Cisco IOS XE up to 17.16.1a HTTP API Subsystem command injection (cisco-sa-ios-xe-cmd-inject-rPJM8BGL)

Post correlati

CVE-2025-52130 | WebErpMesv2 1.17 FactoryController.php unrestricted upload

CVE-2024-5730 | Pagerank Tools Plugin up to 1.1.5 on WordPress cross site scripting

CVE-2024-34742 | Google Android 14 OwnersData.java shouldWrite denial of service

CVE-2023-46294 | Teledyne FLIR M300 2.00-19 permission