Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system.
The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system.
“This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on anRead More
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT [email protected] (The Hacker News)
by
Tags: