Remote File Upload Vulnerability in Cisco IOS XE Software for Wireless LAN Controllers
CVE-2025-20188

10CRITICAL

Key Information:

Vendor

Cisco
Status
Cisco iOS Xe Software
Vendor
CVE Published:
7 May 2025

Badges

🥇 Trended No. 1📈 Trended📈 Score: 45,700👾 Exploit Exists📰 News Worthy

What is CVE-2025-20188?

CVE-2025-20188 is a critical vulnerability found in the Cisco IOS XE Software, specifically affecting Wireless LAN Controllers (WLCs). This vulnerability arises from the Out-of-Band Access Point (AP) Image Download feature, which allows unauthorized remote attackers to upload arbitrary files to affected systems. The root cause of the vulnerability lies in a hard-coded JSON Web Token (JWT) that facilitates authentication for this feature. An attacker can exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface, enabling them to upload files, execute arbitrary commands, and perform path traversal operations with root privileges on the device. Notably, for an attacker to exploit this vulnerability, the Out-of-Band AP Image Download feature must be enabled—although it is not enabled by default, some organizations may activate it for specific deployment requirements.

Potential Impact of CVE-2025-20188

  1. Complete Device Compromise: Exploitation of this vulnerability allows attackers to gain full control of affected wireless LAN controllers, leading to the potential execution of arbitrary commands with root privileges. This level of access can compromise the integrity and confidentiality of the network.

  2. File System Manipulation: The ability to upload arbitrary files can enable attackers to implant malware, including backdoors or other malicious tools, facilitating persistent access and control over the organization’s network infrastructure.

  3. Network Disruption and Data Breach: Successful exploitation can lead to severe network disruptions, manipulation of network configurations, and potential data breaches, compromising sensitive organizational information and undermining customer trust.

Affected Version(s)

Cisco IOS XE Software 17.11.1

Cisco IOS XE Software 17.12.1

Cisco IOS XE Software 17.12.2

News Articles

Exploitation Risk Grows for Critical Cisco Bug

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

2 weeks ago

favicon imageSecurity Affairs

Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188

Technical details about a critical Cisco IOS XE WLC flaw (CVE-2025-20188) are now public, raising the risk of a working exploit emerging soon.

3 weeks ago

favicon imageBleepingComputer

Exploit details for max severity Cisco IOS XE flaw now public

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.

3 weeks ago

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 📈

    Vulnerability started trending

  • 📰

    First article discovered by The Hacker News

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-20188 : Remote File Upload Vulnerability in Cisco IOS XE Software for Wireless LAN Controllers