{"uuid": "6a911622-1b53-4e60-b651-500b8c3bb6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/brutsecurity/1879", "content": "CVE-2025-20188: Use of Hard-coded Credentials in Cisco IOS XE, 10.0 rating \ud83d\udd25\ud83d\udd25\ud83d\udd25\n\nDue to hard-coded JWT, Cisco IOS XE instances may be vulnerable to arbitrary file uploads, path traversal, and arbitrary command execution. Catalyst controllers are primarily affected.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/BKkJI\n\ud83d\udc49 Dork: certificate.issuer_dn:\"IOS-Self-Signed-Certificate\"\n\nVendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC", "creation_timestamp": "2026-07-09T03:00:08.402513Z"}