CVE-2025-20338 | Cisco IOS XE up to 17.16.1a CLI User parameter/argument delimiters (cisco-sa-iosxe-arg-inject-EyDDbh4e)

Inserito da Angelo Barbosa | Set 24, 2025 | CVE

A vulnerability categorized as critical has been discovered in Cisco IOS XE. The affected element is an unknown function of the component CLI. Such manipulation of the argument User leads to improper neutralization of parameter/argument delimiters.

This vulnerability is referenced as CVE-2025-20338. The attack can only be performed from a local environment. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2025-20338 | Cisco IOS XE up to 17.16.1a CLI User parameter/argument delimiters (cisco-sa-iosxe-arg-inject-EyDDbh4e)

Post correlati

CVE-2024-42677 | Huizhi Enterprise Resource Management System up to 1.0 /nssys/common/filehandle information disclosure

CVE-2024-5515 | SourceCodester Stock Management System 1.0 createBrand.php brandName sql injection

CVE-2025-27801 | Optimizely Episerver Content Management System up to 11.21.3/12.22.0 SVG File cross site scripting

CVE-2024-21849 | F5 BIG-IP Advanced WAF/BIG-IP ASM up to 16.1.3 Traffic Management Microkernel return of pointer value outside of expected range (K000135873)