#VU108779 Use of hard-coded credentials in Cisco Systems, Inc products - CVE-2025-20188
Published: May 7, 2025
Catalyst 9800-CL Wireless Controllers for Cloud
Catalyst 9800 Embedded Wireless Controller
Catalyst 9800 Series Wireless Controllers
Cisco IOS XE
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain full access to the vulnerable system.
The vulnerability exists due to the presence of a hard-coded JSON Web Token (JWT) within the Out-of-Band AP Image Download feature. A remote unauthenticated attacker can send specially crafted HTTPS requests to the AP image download interface and upload arbitrary files to the system.
Successful exploitation of the vulnerability may result in full system compromise.
Remediation
Install updates from the vendor's website.
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco IOS XE Software for WLCs and have the Out-of-Band AP Image Download feature enabled: