{"vulnerability": "CVE-2025-20186", "sightings": [{"uuid": "aa716662-fb6f-4a98-9653-db3a08733236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20186", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15465", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20186\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device.\n This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with privilege level 15.\n Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default.\n\ud83d\udccf Published: 2025-05-07T17:37:53.804Z\n\ud83d\udccf Modified: 2025-05-08T03:56:36.076Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC", "creation_timestamp": "2025-05-08T04:22:48.000000Z"}, {"uuid": "e4039420-b87e-4c86-a8ce-29161ab15ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20186", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114467977465633655", "content": "", "creation_timestamp": "2025-05-07T18:32:02.940592Z"}, {"uuid": "284d9334-7dc6-4d1e-9ba8-bba6d15620e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20186", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lom2f5t2vw2n", "content": "", "creation_timestamp": "2025-05-07T18:41:54.799398Z"}]}