Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers


May 8, 2025 - 04:31

Cisco has disclosed a critical security vulnerability in its IOS XE Wireless LAN Controllers that could allow unauthorized attackers to gain complete control of affected devices.

The flaw, assigned the maximum severity rating of 10.0, enables unauthenticated remote attackers to upload arbitrary files, traverse directories, and execute commands with root privileges on affected systems.

The vulnerability, tracked as CVE-2025-20188, resides in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs).

According to Cisco’s security advisory released on May 7, the flaw stems from “the presence of a hard-coded JSON Web Token (JWT) on an affected system”.

Security researchers note that attackers can exploit this vulnerability by sending specially crafted HTTPS requests to the AP image download interface.

When successfully exploited, attackers gain the ability to upload malicious files to arbitrary locations and execute commands with the highest system privileges.

“This vulnerability represents a significant risk to enterprise networks using affected Cisco wireless controllers,” said a cybersecurity expert familiar with the issue. “The combination of remote access, no authentication requirements, and root-level command execution makes this flaw particularly dangerous.”

Affected Products

The vulnerability affects several Cisco products running vulnerable versions of IOS XE Software with the Out-of-Band AP Image Download feature enabled:

  • Catalyst 9800-CL Wireless Controllers for Cloud
  • Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
  • Catalyst 9800 Series Wireless Controllers
  • Embedded Wireless Controller on Catalyst APs

Administrators can determine whether a device is vulnerable with the command "show running-config | include ap upgrade". If the output contains "ap upgrade method https", the Out-of-Band AP Image Download feature is enabled and the device is affected; if the command returns no output, the feature is disabled and the device is not exposed through this vector.
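As an added example (not from the article or from Cisco), the following Python script applies that check to saved "show running-config" output from several controllers and lists the ones still exposed; the hostnames and configuration snippets are constructed, and the feature is treated as disabled whenever the exact line is absent (a "no ap upgrade method https" line therefore does not count as enabled).

```python
import re
from dataclasses import dataclass

# Constructed sample output of "show running-config" from three hypothetical
# controllers; only the first has the vulnerable feature switched on.
SAMPLE_CONFIGS = {
    "wlc-branch-01": "hostname wlc-branch-01\n!\nap upgrade method https\n!\nend\n",
    "wlc-campus-02": "hostname wlc-campus-02\n!\nap profile default-ap-profile\n!\nend\n",
    "wlc-lab-03": "hostname wlc-lab-03\n!\n no ap upgrade method https\n!\nend\n",
}

# The advisory's indicator: the line "ap upgrade method https" in the running
# config. Anchoring at line start (after indentation) means a negated
# "no ap upgrade method https" line is not mistaken for an enabled feature.
HTTPS_AP_UPGRADE = re.compile(r"^\s*ap upgrade method https\s*$", re.MULTILINE)


@dataclass
class TriageResult:
    hostname: str
    feature_enabled: bool
    note: str


def oob_ap_image_download_enabled(config_text: str) -> bool:
    """Return True if Out-of-Band AP Image Download is enabled in this config."""
    return HTTPS_AP_UPGRADE.search(config_text) is not None


def triage(configs: dict[str, str]) -> list[TriageResult]:
    """Classify each controller by whether it is exposed to CVE-2025-20188."""
    results = []
    for hostname, text in configs.items():
        enabled = oob_ap_image_download_enabled(text)
        if enabled:
            note = ("Out-of-Band AP Image Download enabled: exposed until the fixed "
                    "release is installed; disable the feature as interim mitigation")
        else:
            note = "feature disabled: not exposed via this vector; still upgrade"
        results.append(TriageResult(hostname, enabled, note))
    return results


def exposed_hosts(configs: dict[str, str]) -> list[str]:
    """Sorted hostnames whose running config shows the vulnerable feature enabled."""
    return sorted(r.hostname for r in triage(configs) if r.feature_enabled)


if __name__ == "__main__":
    for result in triage(SAMPLE_CONFIGS):
        print(f"{result.hostname}: {result.note}")
```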

Cisco has released software updates that address this vulnerability, and customers are strongly urged to upgrade immediately. The company states there are no workarounds for this issue, but as a temporary mitigation, administrators can disable the Out-of-Band AP Image Download feature; with it disabled, access points fall back to the CAPWAP method for image downloads.

“Organizations should prioritize patching this vulnerability immediately,” said another security analyst. “In environments where immediate patching isn’t possible, disabling the Out-of-Band AP Image Download feature is critical until updates can be applied.”

Security bulletin information indicates the vulnerability was discovered internally by X.B. of the Cisco Advanced Security Initiatives Group during security testing. According to Cisco’s advisory, there is currently no evidence of active exploitation in the wild.

This vulnerability disclosure comes as part of Cisco’s May 2025 Semiannual IOS and IOS XE Software Security Advisory Bundled Publication, which includes fixes for multiple security issues in Cisco products.

The post Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers appeared first on Cyber Security News.