
CVE-2025-20188 PoC — Cisco IOS XE Trust Management Vulnerability

Associated Vulnerability
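Title: Cisco IOS XE Trust Management Vulnerability (CVE-2025-20188)
Description: Cisco IOS XE is an operating system from the US company Cisco. It is a single operating system for enterprise wired and wireless access, aggregation, core and WAN, and it reduces business and network complexity. Cisco IOS XE contains a trust management vulnerability that stems from a hard-coded JSON Web Token and may lead to file upload and path traversal attacks.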
Description
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.
File Snapshot

id: CVE-2025-20188 info: name: Cisco IOS XE WLC - Arbitrary File Upload author: iamnoooob,pdres ...