Cisco Releases Patch for CVE-2025-20188 – 10.0 CVSS


A critical vulnerability in Cisco Catalyst 9800 wireless controllers could allow attackers to gain remote root access by exploiting a hard-coded JSON Web Token (JWT) in the Out-of-Band AP Image Download feature, which is disabled by default.

Administrators should verify whether this feature is enabled and, if it is, disable it as a temporary mitigation. Cisco has released patches that fully remediate the issue, and Raxis strongly recommends updating to the latest software version as soon as possible.

The Raxis team is reaching out to all Raxis Attack customers who may be affected.

View the Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
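One way to run the "is the feature enabled" check across a set of saved controller configurations. This is an added example, not code from Raxis or Cisco. It assumes the `ap upgrade method https` configuration line that the linked Cisco advisory gives as the indicator; the hostnames and configuration text are constructed.

```python
import re

# Assumption: this line in the running configuration marks the feature as
# enabled, as described in the Cisco advisory linked from this page.
FEATURE_LINE = re.compile(r"^\s*(no\s+)?ap\s+upgrade\s+method\s+https\s*$",
                          re.IGNORECASE)


def feature_enabled(running_config):
    """Return True if the last matching statement enables the feature."""
    enabled = False
    for line in running_config.splitlines():
        match = FEATURE_LINE.match(line)
        if match:
            # A leading "no" negates the command; the last statement wins.
            enabled = match.group(1) is None
    return enabled


def audit(configs):
    """Map of hostname -> config text in, sorted list of exposed hosts out."""
    return sorted(h for h, cfg in configs.items() if feature_enabled(cfg))


# Constructed sample configurations; hostnames and contents are hypothetical.
SAMPLE_CONFIGS = {
    "wlc-hq": "hostname wlc-hq\nap upgrade method https\n"
              "wireless management interface Vlan10\n",
    # Commented-out line must not count as enabled.
    "wlc-branch": "hostname wlc-branch\n! ap upgrade method https (removed)\n",
    # Explicit negation after the command (e.g. from a merged config file).
    "wlc-lab": "hostname wlc-lab\nap upgrade method https\n"
               "no ap upgrade method https\n",
    # Leading/trailing whitespace from a pasted 'show' output.
    "wlc-dc": "hostname wlc-dc\n ap upgrade method https \n",
}

if __name__ == "__main__":
    for host in audit(SAMPLE_CONFIGS):
        print(f"{host}: Out-of-Band AP Image Download enabled; disable or patch")
```

A clean result only shows the feature is off in the saved configuration; the software version still needs to be checked against the fixed releases in the advisory.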

