Denial-of-Service Vulnerability in Cisco IOS Software Web UI
CVE-2025-20327
7.7 HIGH
What is CVE-2025-20327?
The web UI of Cisco IOS Software contains a vulnerability caused by improper input validation. An authenticated, remote attacker with low privileges can exploit it by sending crafted HTTP requests to the web UI. Successful exploitation could cause a denial of service condition, forcing the affected device to reload and become temporarily unavailable. Organizations using Cisco IOS Software should assess their systems and apply the necessary patches to guard against exploitation.
Affected Version(s)
IOS 15.2(6)E2
IOS 15.2(7)E
IOS 15.2(6)E2a
CVSS V3.1
Score: 7.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Timeline
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved