Posted on May 8, 2025
Written by Scottie Cole
A critical vulnerability in Cisco Catalyst 9800 wireless controllers could allow attackers to gain remote root access by exploiting a hard-coded JSON Web Token (JWT) in the Out-of-Band AP Image Download feature, which is disabled by default.
Administrators should verify if this feature is enabled and disable it as a temporary mitigation. Cisco has released patches to fully remediate the issue, and Raxis strongly recommends updating to the latest software version as soon as possible.
The Raxis team is reaching out to all Raxis Attack customers who may be affected.
View the Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
Scottie Cole
Scottie has over 20 years working in IT. He has experience with systems administration, networking and wireless, and security. He currently holds certifications as a GIAC Penetration Tester (GPEN) and a Certified Information Security Professional (CISSP). In his spare time, he enjoys learning new technologies, being with family, fishing and going to the beach.
Search The Exploit Blog
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless
