Cisco has issued security updates to fix a critical vulnerability (CVE-2025-20188) in its IOS XE Wireless Controller software that could allow unauthenticated remote attackers to upload arbitrary files and execute commands with root privileges. The flaw stems from a hard-coded JSON Web Token (JWT), and exploitation requires the Out-of-Band AP Image Download feature to be enabled. (Affected: Cisco IOS XE Wireless Controllers and associated devices)
Key points:
- Cisco released software fixes for a critical, maximum-severity security flaw in IOS XE Wireless Controllers, rated CVSS 10.0.
- The vulnerability involves a hard-coded JSON Web Token (JWT) that can be exploited via crafted HTTPS requests.
- Successful exploitation could permit an unauthenticated remote attacker to upload arbitrary files, perform path traversal, and execute commands with root privileges.
- The attack requires the Out-of-Band AP Image Download feature to be enabled, which is disabled by default.
- Affected products include the Catalyst 9800 Series Wireless Controllers, the Catalyst 9800-CL Wireless Controllers for Cloud, the Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400 and 9500 Series Switches, and the Embedded Wireless Controller on Catalyst APs.
- Until the fix is applied, disabling the Out-of-Band AP Image Download feature prevents exploitation (AP image upgrades then fall back to the CAPWAP method); Cisco recommends upgrading to a fixed software release for full protection.
- Cisco credited X.B. of its Advanced Security Initiatives Group (ASIG) with reporting the vulnerability and said it was not aware of any in-the-wild exploitation at the time of disclosure.
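The two weaknesses named above, a hard-coded JWT and a file upload that permits path traversal, are shown side by side with their hardened forms in the following added example. It is illustrative code written for this page, not Cisco's implementation and not a reproduction of the actual flaw; the fallback secret, device secret, upload root and token claims are constructed placeholders.

```python
"""Added illustration: a JWT secret baked into an image lets anyone mint a
valid upload token, and an upload handler that trusts the client-supplied
filename allows path traversal. Not Cisco code; all values are placeholders."""
import base64
import hashlib
import hmac
import json
import os
import time
from typing import Optional

# Constructed placeholder standing in for a secret shipped inside firmware.
HARDCODED_FALLBACK_SECRET = "demo-fallback-secret"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(payload: dict, secret: str) -> str:
    """Produce an HS256 JWT. An attacker who knows the secret can do exactly this."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = _b64url(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret.encode(), f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_jwt(token: str, secret: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the payload if the HS256 signature and expiry are valid, else None.
    The algorithm is pinned to HS256 so an attacker-chosen alg (e.g. "none") is rejected,
    and a token with no exp claim is treated as expired."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":
            return None
        expected = hmac.new(secret.encode(), f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        payload = json.loads(_b64url_decode(body_b64))
    except (ValueError, TypeError):
        return None
    now = time.time() if now is None else now
    if not isinstance(payload, dict) or payload.get("exp", 0) <= now:
        return None
    return payload


def vulnerable_upload_auth(token: str) -> bool:
    """Weak pattern: the service verifies against a fallback secret compiled into
    the image, so every device accepts tokens signed with that one shared secret."""
    return verify_jwt(token, HARDCODED_FALLBACK_SECRET) is not None


def hardened_upload_auth(token: str, device_secret: Optional[str]) -> bool:
    """Hardened pattern: refuse to operate on a missing or known-default secret
    instead of falling back, so an unprovisioned device accepts no tokens at all."""
    if not device_secret or device_secret == HARDCODED_FALLBACK_SECRET:
        return False
    return verify_jwt(token, device_secret) is not None


def safe_upload_path(upload_root: str, client_filename: str) -> Optional[str]:
    """Confine the written file to upload_root; reject '../' traversal, absolute
    paths, and an empty name that would resolve to the root directory itself."""
    root = os.path.realpath(upload_root)
    candidate = os.path.realpath(os.path.join(root, client_filename))
    if candidate == root or os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed tokens: the forged one is signed with the shipped fallback secret.
    forged = mint_jwt({"sub": "anyone", "exp": 4102444800}, HARDCODED_FALLBACK_SECRET)
    print("vulnerable accepts forged token:", vulnerable_upload_auth(forged))
    print("hardened accepts forged token:", hardened_upload_auth(forged, "per-device-secret-xyz"))
    print("traversal path allowed:", safe_upload_path("/srv/ap-images", "../../etc/passwd"))
```

The defensive point is that the fix is not a stronger fallback secret but the absence of one: a token path that works without per-device provisioning will eventually be used without it. The upload check is separate from authentication and should hold even for a validly signed token, since the page reports both weaknesses together.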
Read More: https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html