{"vulnerability": "CVE-2025-20188", "sightings": [{"uuid": "ba55ab0d-7f05-48f6-9eeb-42d5f6c4fa50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lqfgsjwhgk24", "content": "", "creation_timestamp": "2025-05-30T14:25:56.984251Z"}, {"uuid": "160415ac-b5dd-4490-a452-b69b866cc795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lqmy4vcfdf2s", "content": "", "creation_timestamp": "2025-06-02T14:24:32.137687Z"}, {"uuid": "c9846f4f-2e07-4263-b93f-28c46b7dfa10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/dasgeldco.bsky.social/post/3lren5bn5up2q", "content": "", "creation_timestamp": "2025-06-12T00:11:47.899080Z"}, {"uuid": "510c6955-9eea-4f5e-b7bd-405d2dadfa4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/eldinerolat.bsky.social/post/3lren5urtdh2x", "content": "", "creation_timestamp": "2025-06-12T00:12:08.201456Z"}, {"uuid": "d24753ee-b892-4ef9-84b2-76a2fa8b4e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lqo2ven57r2f", "content": "", "creation_timestamp": "2025-06-03T00:46:40.819725Z"}, {"uuid": "895d5218-af68-493c-b0f6-58359194c3ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://threatintel.cc/2025/06/02/exploit-details-for-max-severity.html", "content": "", "creation_timestamp": "2025-06-02T11:24:30.000000Z"}, {"uuid": "458547b9-b56b-4670-b044-1d25ee75cf99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-20188.yaml", "content": "", "creation_timestamp": "2025-05-29T20:11:29.000000Z"}, {"uuid": "f704f250-085d-427b-ba39-a51283e040c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/cosmicmeta.bsky.social/post/3lqnnrhmeug2p", "content": "", "creation_timestamp": "2025-06-02T20:51:52.142470Z"}, {"uuid": "a55a8658-da7b-479f-ae40-029bee6d4b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lqnpek2dmqd2", "content": "", "creation_timestamp": "2025-06-02T21:23:09.605067Z"}, {"uuid": "b8154043-862f-446c-a098-c1975e7f364e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lqnqlhrtco2c", "content": "", "creation_timestamp": "2025-06-02T21:42:12.013841Z"}, {"uuid": "91dc4d4c-d9f9-4fea-9154-c89e715f0e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lqntt5uui22h", "content": "", "creation_timestamp": "2025-06-02T22:40:10.385171Z"}, {"uuid": "6f33e032-060c-4ab4-a82d-5aee1e9263ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114591964645064976", "content": "", "creation_timestamp": "2025-05-29T16:03:37.358840Z"}, {"uuid": "ff1c5f20-18c8-479c-a179-a1b7bfd98a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrltx6z24z22", "content": "", "creation_timestamp": "2025-06-14T21:02:20.636261Z"}, {"uuid": "66426f6a-d9f9-4843-9611-b7e6b51c7e29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lqdbutbdcu2c", "content": "", "creation_timestamp": "2025-05-29T17:52:21.751389Z"}, {"uuid": "6386b429-f228-4a9f-bdc4-e68e6121fc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lqorf6l3qc2k", "content": "", "creation_timestamp": "2025-06-03T07:29:14.531354Z"}, {"uuid": "4f89d3b7-f756-43bd-a54c-6f28008e6d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lqorf6ldkc2k", "content": "", "creation_timestamp": "2025-06-03T07:29:15.044023Z"}, {"uuid": "bccb5152-23cd-4fbb-83ad-2669de7c9862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://infosec.exchange/users/Tinolle/statuses/114592836556467227", "content": "", "creation_timestamp": "2025-05-29T19:45:21.934177Z"}, {"uuid": "820a0df0-ab6e-4367-97be-27875a619881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lqiq5zouzr2l", "content": "", "creation_timestamp": "2025-05-31T21:51:21.448684Z"}, {"uuid": "e42cfd1e-fc7e-4de7-a081-cba24aee608b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lqiqgj5hvf2b", "content": "", "creation_timestamp": "2025-05-31T21:56:06.976984Z"}, {"uuid": "bec70fe3-da2f-4ede-bc95-7cacc8822ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/atomwriggley.bsky.social/post/3lqiirtqpr227", "content": "", "creation_timestamp": "2025-05-31T19:39:18.341080Z"}, {"uuid": "34aa307d-cf84-4085-b5ab-c357aa1649f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/sequretek.bsky.social/post/3lptn3af2rc2p", "content": "", "creation_timestamp": "2025-05-23T12:30:21.180909Z"}, {"uuid": "4a68e1ff-e9f5-47b6-8ad5-0d3064328d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/alexandreborges.bsky.social/post/3lqpherdc3k2n", "content": "", "creation_timestamp": "2025-06-03T14:02:45.256349Z"}, {"uuid": "fef3ba29-3cc2-42fa-a80e-ba692c219cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/itinsights.bsky.social/post/3lqkmzsloyk2h", "content": "", "creation_timestamp": "2025-06-01T16:00:38.474553Z"}, {"uuid": "0a03b721-9dcc-4958-a942-80959264be11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lqybvlqprw23", "content": "", "creation_timestamp": "2025-06-07T02:18:42.611023Z"}, {"uuid": "60f44af3-56e6-42ab-b4b5-9545c5a4f23d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/ssuitesoftware.bsky.social/post/3lqk45wewuk23", "content": "", "creation_timestamp": "2025-06-01T10:58:51.643785Z"}, {"uuid": "5e349244-97e0-4092-b977-ed36af7d48d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/114619803510347724", "content": "", "creation_timestamp": "2025-06-03T14:03:25.367266Z"}, {"uuid": "cf8dbb6d-a5d6-4c09-baf3-46ea0cc16cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114473950634336026", "content": "", "creation_timestamp": "2025-05-08T19:51:06.428676Z"}, {"uuid": "c69ec9b0-2b20-4b8f-b694-97c266955826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.com/post/3looopx7xlk2d", "content": "", "creation_timestamp": "2025-05-08T19:51:15.540884Z"}, {"uuid": "91ec3718-f014-4265-9e9e-fed9201c1eaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3loophluu3k2i", "content": "", "creation_timestamp": "2025-05-08T20:04:27.358808Z"}, {"uuid": "9b25c8aa-9c30-422e-b770-e26090148b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3looprl7k522i", "content": "", "creation_timestamp": "2025-05-08T20:10:02.914521Z"}, {"uuid": "b792ada5-d058-47c0-b338-d0edf155f5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loorem6apvb2", "content": "", "creation_timestamp": "2025-05-08T21:13:51.650771Z"}, {"uuid": "95d5b50e-454e-4c14-a559-1d1433c0b53e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3loowt432tn2k", "content": "", "creation_timestamp": "2025-05-08T22:16:07.533332Z"}, {"uuid": "ba501dda-0184-4f28-96ae-1498c433d13a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lqxzjhqoms23", "content": "", "creation_timestamp": "2025-06-06T23:48:57.128409Z"}, {"uuid": "3a623ff9-b563-4e3f-86d8-7418a36eea09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lqxzjkhc4c23", "content": "", "creation_timestamp": "2025-06-06T23:48:58.115672Z"}, {"uuid": "a7ea777c-602c-4aa3-9999-4a069838f0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lom2f62b632p", "content": "", "creation_timestamp": "2025-05-07T18:41:55.933519Z"}, {"uuid": "da595bf4-62e4-476e-85c3-9d79b71322af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lomvcpjlfc2z", "content": "", "creation_timestamp": "2025-05-08T02:43:45.626939Z"}, {"uuid": "064b6075-5aa2-4d86-9c55-12e9a8a2a7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lomxff6xek2g", "content": "", "creation_timestamp": "2025-05-08T03:21:01.862911Z"}, {"uuid": "0da2998f-7191-475b-813d-c367a9d1b3d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/softfantw.bsky.social/post/3lon7i6qkyc25", "content": "", "creation_timestamp": "2025-05-08T05:45:46.257188Z"}, {"uuid": "840f5b7c-1536-4c87-9ac1-7b2f8a076b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3lonabtg2u52o", "content": "", "creation_timestamp": "2025-05-08T06:00:05.736515Z"}, {"uuid": "baad5901-d247-4e25-95d1-17bb3e4df82c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lonavrhjby2e", "content": "", "creation_timestamp": "2025-05-08T06:11:13.855385Z"}, {"uuid": "27ffe3cf-365b-4813-86c5-1d235b8069e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lonb2fjkfe62", "content": "", "creation_timestamp": "2025-05-08T06:13:59.142871Z"}, {"uuid": "b7d3a9c2-2667-49c4-8629-1c56cdb48386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lonbabg7j52q", "content": "", "creation_timestamp": "2025-05-08T06:17:05.887506Z"}, {"uuid": "5b2d89eb-2c01-4a19-8808-844726c82c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lonbotasgy32", "content": "", "creation_timestamp": "2025-05-08T06:25:21.182600Z"}, {"uuid": "98ca0aab-81c2-40c3-840b-f8f79db8ea5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lonbwhwsd22k", "content": "", "creation_timestamp": "2025-05-08T06:29:31.429860Z"}, {"uuid": "9dc971cd-0db7-4332-b1e6-15627be44e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3loncaqhv6cj2", "content": "", "creation_timestamp": "2025-05-08T06:35:25.826796Z"}, {"uuid": "9a9b4f2f-7951-4aea-8885-76d97c5ea4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3loncazjtzca2", "content": "", "creation_timestamp": "2025-05-08T06:35:38.460265Z"}, {"uuid": "32aeade6-ea6c-4ca6-8b9c-05ad52a56405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3loncy5uk4s2k", "content": "", "creation_timestamp": "2025-05-08T06:48:21.957717Z"}, {"uuid": "081e3bff-1a9d-4a6b-bcea-8a2783ed6f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html", "content": "", "creation_timestamp": "2025-05-08T02:57:00.000000Z"}, {"uuid": "6912479a-d392-4670-891d-c929fa1d58b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3londuwnkyc2e", "content": "", "creation_timestamp": "2025-05-08T07:04:30.636393Z"}, {"uuid": "23522b5e-312f-43aa-b486-4deb0998bbbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lonjaigabjq2", "content": "", "creation_timestamp": "2025-05-08T08:43:56.510199Z"}, {"uuid": "86e320aa-7d93-456d-8078-13ec11f32a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lqxzjn7cjc23", "content": "", "creation_timestamp": "2025-06-06T23:48:59.146040Z"}, {"uuid": "e0731f1d-6251-468a-9150-a0521a53d365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lqxzjoewmk23", "content": "", "creation_timestamp": "2025-06-06T23:49:00.164170Z"}, {"uuid": "755fb9d2-afbd-4c97-a459-56a2a899c22a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://gist.github.com/zhenthebuilder/1e7fde3e1823a8bff41dcd90eb043164", "content": "", "creation_timestamp": "2025-06-06T23:58:34.000000Z"}, {"uuid": "ba6cabbe-a2cc-4e3c-af38-bff8bb03eb3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lop33dqq6m2r", "content": "", "creation_timestamp": "2025-05-08T23:32:18.329069Z"}, {"uuid": "4ddb1a53-c42b-4d4e-93ab-d61910f9b743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lop5wk4jdk2t", "content": "", "creation_timestamp": "2025-05-09T00:23:18.435655Z"}, {"uuid": "2e927519-980f-4b36-8075-0c0946756225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lonpllqk222i", "content": "", "creation_timestamp": "2025-05-08T10:33:59.846159Z"}, {"uuid": "4d29994c-09b7-424d-9fbe-52c55b8d2659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lopec23kng22", "content": "", "creation_timestamp": "2025-05-09T02:17:06.884197Z"}, {"uuid": "8e8906c4-c63d-43f8-89a1-e092cde67b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lonqjtm7lz2o", "content": "", "creation_timestamp": "2025-05-08T10:50:53.046271Z"}, {"uuid": "0fbf6717-c260-462d-b197-7eeaffe77482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lopumaeeqvo2", "content": "", "creation_timestamp": "2025-05-09T07:09:19.381657Z"}, {"uuid": "09c98638-9a1d-4ed6-a604-e81547b97d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20188", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lonmwwobuzx2", "content": "", "creation_timestamp": "2025-05-08T11:28:20.337892Z"}, {"uuid": "c5fdbfff-d28a-4511-97f0-bdf1752601b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lonn2jjpcrq2", "content": "", "creation_timestamp": "2025-05-08T11:28:24.892743Z"}, {"uuid": "c7283e6a-670e-412e-8eb4-a225528c33a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lontb57kqij2", "content": "", "creation_timestamp": "2025-05-08T11:40:09.030821Z"}, {"uuid": "064befd6-89ec-481c-a524-c6240c94861b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lonw6dov3m2g", "content": "", "creation_timestamp": "2025-05-08T12:31:52.582849Z"}, {"uuid": "09ac755b-ee45-4ad7-9b9e-1b0de0ea6d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lonw6oxkeo2s", "content": "", "creation_timestamp": "2025-05-08T12:32:01.995359Z"}, {"uuid": "8751a074-80d2-4576-8bbc-8da733f81069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lonwdtq5ndq2", "content": "", "creation_timestamp": "2025-05-08T12:35:24.890092Z"}, {"uuid": "bfd0b536-77b0-41db-8c01-13c4feea4216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lonzapralb23", "content": "", "creation_timestamp": "2025-05-08T13:26:50.729331Z"}, {"uuid": "0c14f54c-bdbc-44da-a7b7-0f2a215a0737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3loo47r5hgu2b", "content": "", "creation_timestamp": "2025-05-08T14:20:00.724173Z"}, {"uuid": "ff7ea911-29bd-4482-9835-dbfa819e0dac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loq4nzsh5qg2", "content": "", "creation_timestamp": "2025-05-09T09:37:51.014456Z"}, {"uuid": "9d2b8f31-aa26-4e64-9bd1-66749c940596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3loo4afmdqd2t", "content": "", "creation_timestamp": "2025-05-08T14:20:21.419912Z"}, {"uuid": "dff6c3b9-b40a-44dd-9ae8-5ea2890f3cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3losudfy2nc23", "content": "", "creation_timestamp": "2025-05-10T11:42:11.540564Z"}, {"uuid": "883f47f1-7b34-48d0-965b-9b12ccd7ddae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/earlybirdsinvest.bsky.social/post/3lql7g7bdfh2h", "content": "", "creation_timestamp": "2025-06-01T21:29:41.422476Z"}, {"uuid": "92eea68f-1b87-4e3d-abb4-41891292d82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqdwidtezg2", "content": "", "creation_timestamp": "2025-05-09T11:51:31.698129Z"}, {"uuid": "698a8a61-6c1d-4a63-b476-5b871e077c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/insightsintothings.com/post/3loql62uqg22b", "content": "", "creation_timestamp": "2025-05-09T13:52:51.173064Z"}, {"uuid": "bb60cbe4-731f-4373-b32c-8a4a7a85aad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3loqpqkazfx2q", "content": "", "creation_timestamp": "2025-05-09T15:14:44.689646Z"}, {"uuid": "1b9e090e-9247-42d0-a6db-687c18b01ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqriaiowuc2", "content": "", "creation_timestamp": "2025-05-09T15:56:05.814553Z"}, {"uuid": "c28d0ac3-7ccd-4e3d-901c-e4375c3f203b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lorddxl55k2k", "content": "", "creation_timestamp": "2025-05-09T21:05:38.374464Z"}, {"uuid": "0110f2f2-1504-4eb0-a923-7824083f5f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lorgwbkgok25", "content": "", "creation_timestamp": "2025-05-09T22:09:34.085303Z"}, {"uuid": "283c6d49-178a-45f4-98cb-7d7cd622d79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorcx6lppsc2", "content": "", "creation_timestamp": "2025-05-09T22:10:08.031239Z"}, {"uuid": "4bf93c38-a997-4e94-ad27-20739f85d3cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lqlhzpk2h22h", "content": "", "creation_timestamp": "2025-06-02T00:03:46.156920Z"}, {"uuid": "0481a327-4705-4532-9280-1715907a9c13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lorulqoaek2o", "content": "", "creation_timestamp": "2025-05-10T02:14:11.119544Z"}, {"uuid": "be087c9a-9c6f-4b86-b3af-f9172c59b53e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3loufha4sjx23", "content": "", "creation_timestamp": "2025-05-11T02:21:12.770433Z"}, {"uuid": "b43a6116-905d-49db-bc59-bd71e0de0d69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/ssuitesoftware.bsky.social/post/3lqme2l52ac2c", "content": "", "creation_timestamp": "2025-06-02T08:25:24.958234Z"}, {"uuid": "63f00e4e-52ab-4ffa-84b4-4cbe6afd0d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3loycfidf4s22", "content": "", "creation_timestamp": "2025-05-12T15:37:15.906712Z"}, {"uuid": "778e9caf-45fa-446b-a627-f785cf8b05cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3loycfjsmts22", "content": "", "creation_timestamp": "2025-05-12T15:37:16.424400Z"}, {"uuid": "45fb5296-fa15-479c-a9ac-2f69bfcc3a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3lqpu7xjgtj22", "content": "", "creation_timestamp": "2025-06-03T17:58:56.130501Z"}, {"uuid": "66317145-1671-440a-b40b-24011a88e43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lp22mhlics2c", "content": "", "creation_timestamp": "2025-05-13T08:23:15.726143Z"}, {"uuid": "2af763d0-abb4-40d9-a8b2-d05d01b12e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114489698390360418", "content": "", "creation_timestamp": "2025-05-11T14:36:03.772744Z"}, {"uuid": "467e0303-f1df-49fd-9b6a-3e5613d347a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lowvtqsac32f", "content": "", "creation_timestamp": "2025-05-12T02:19:52.137324Z"}, {"uuid": "4f3cae07-0cf0-438b-89cf-06dfaee75816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lqmgjvbksv2g", "content": "", "creation_timestamp": "2025-06-02T09:09:41.605425Z"}, {"uuid": "47782c80-73d3-4d5c-9d37-c5614baa0d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lp3wn5crqf2b", "content": "", "creation_timestamp": "2025-05-14T02:17:22.900872Z"}, {"uuid": "33c4be3e-9896-4ba2-b4fd-6df137fbaf7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/lordman1982.bsky.social/post/3lp4n7rassz2r", "content": "", "creation_timestamp": "2025-05-14T09:01:30.720134Z"}, {"uuid": "ed5bdb30-c21c-43c3-98e0-8976f5e6ecaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqq6swzmt52k", "content": "", "creation_timestamp": "2025-06-03T21:02:18.036342Z"}, {"uuid": "31637a46-232e-4162-8873-c01d697ace14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lp6h2f5pkh2w", "content": "", "creation_timestamp": "2025-05-15T02:16:26.755217Z"}, {"uuid": "08188b19-817a-410d-b5b3-0bb28fedca38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lqmka3hgpd2i", "content": "", "creation_timestamp": "2025-06-02T10:15:47.913822Z"}, {"uuid": "05b1dd82-3b85-4e5b-9b96-e91bcaa823e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/22241", "content": "\u200aExploit details for max severity Cisco IOS XE flaw now public\n\nTechnical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. [...]\n\nhttps://www.bleepingcomputer.com/news/security/exploit-details-for-max-severity-cisco-ios-xe-flaw-now-public/", "creation_timestamp": "2025-05-31T21:44:25.000000Z"}, {"uuid": "728bce58-22df-42fd-876f-80b67e03297a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://bsky.app/profile/u2k25.bsky.social/post/3lxphlj37h22h", "content": "", "creation_timestamp": "2025-08-31T16:02:53.237342Z"}, {"uuid": "222602f4-559b-457c-aedd-42851e78cdd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "e92402ac-b04a-4e73-ad0b-3c8344ca18bd", "vulnerability": "CVE-2025-20188", "type": "exploited", "source": "https://www.enisa.europa.eu/sites/default/files/2025-10/ENISA%20Threat%20Landscape%202025.pdf", "content": "", "creation_timestamp": "2025-10-08T20:09:20.104875Z"}, {"uuid": "6e5ecd2f-1d3c-45a2-b6aa-41a4d2c21bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/7092", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 Cisco IOS XE WLC, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2025-20188.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u043e\u0433\u043e \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f RCE-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432\u043f\u043e\u043b\u043d\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u044f \u0435\u0433\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c.\n\n7 \u043c\u0430\u044f 2025 \u0433\u043e\u0434\u0430 Cisco \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 IOS XE \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c JSON Web Token (JWT), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root.\n\n\u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-20188 \u043e\u043f\u0430\u0441\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u00ab\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443\u00bb.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Catalyst 9800-CL Wireless Controllers for Cloud, Catalyst 9800 Embedded Wireless Controller \u0434\u043b\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0439 9300, 9400, and 9500 Series Switches,  Catalyst 9800 Series Wireless Controllers \u0438 Embedded Wireless Controller \u043d\u0430 Catalyst APs.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 Horizon3, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 JWT (\u00abnotfound\u00bb), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438 Lua \u0434\u043b\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u0443\u0442\u0438.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0431\u044d\u043a\u044d\u043d\u0434 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u043a\u0440\u0438\u043f\u0442\u044b OpenResty (Lua + Nginx) \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0442\u043e\u043a\u0435\u043d\u043e\u0432 JWT \u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0444\u0430\u0439\u043b\u043e\u0432, \u043d\u043e \u0435\u0441\u043b\u0438 \u0444\u0430\u0439\u043b '/tmp/nginx_jwt_key' \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442, \u0441\u043a\u0440\u0438\u043f\u0442 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u043a \u0441\u0442\u0440\u043e\u043a\u0435 \"notfound\" \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 JWT.\n\n\u041f\u043e \u0441\u0443\u0442\u0438, \u044d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b, \u043d\u0435 \u0437\u043d\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u043f\u0440\u043e\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u00abHS256\u00bb \u0438 \u00abnotfound\u00bb.\n\nHorizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u043e\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 \u00ab/ap_spec_rec/upload/\u00bb \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 8443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0438\u043c\u0435\u043d\u0438 \u0444\u0430\u0439\u043b\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u0431\u0438\u0434\u043d\u044b\u0439 \u0444\u0430\u0439\u043b (foo.txt) \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430.\n\n\u0414\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f RCE, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 Horizon3, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 \u00abpvp.sh\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438, \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043e\u0442 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043d\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442, \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u0430\u0436\u0435 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 (17.12.04 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u043e\u0439).\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443.", "creation_timestamp": "2025-06-02T15:53:04.000000Z"}, {"uuid": "6d369232-8422-4912-950b-7fb433fc026f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15468", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20188\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.\n This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges. \n Note: For exploitation to be successful, the Out-of-Band AP Image Download feature must be enabled on the device. It is not enabled by default.\n\ud83d\udccf Published: 2025-05-07T17:34:36.871Z\n\ud83d\udccf Modified: 2025-05-08T03:56:30.539Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC", "creation_timestamp": "2025-05-08T04:22:51.000000Z"}, {"uuid": "de3485b8-2d50-4830-a33b-97ef9dae9795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/zero_day_uz/491", "content": "LOLz\n*\nCVE-2025-20188\nCisco IOS XE WLC - Arbitrary File Upload Vulnerability\n*\nread", "creation_timestamp": "2025-06-05T18:55:22.000000Z"}, {"uuid": "e2d2bf1e-417e-4bd4-a959-4a24cf589f88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1151", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0648\u06cc\u0698\u06af\u06cc \u062f\u0627\u0646\u0644\u0648\u062f \u062a\u0635\u0648\u06cc\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u062e\u0627\u0631\u062c \u0627\u0632 \u0628\u0627\u0646\u062f \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 Cisco IOS XE \u062f\u0631 \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc (AP\u0647\u0627) \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0648\u062c\u0648\u062f \u06cc\u06a9 JSON Web Token (JWT) \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTPS \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc\u200c\u0634\u062f\u0647\u060c \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u062e\u0648\u062f \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0648\u0627\u062d\u062f \u0622\u0645\u0648\u0632\u0634 \u0648 \u067e\u0631\u0648\u0631\u0634: 2025-05297\nCVE-2025-20188\n\n \u0646\u0635\u0628 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0645\u0639\u062a\u0628\u0631\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u0634\u0648\u0646\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0639\u0645\u0644\u06a9\u0631\u062f \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u062a\u0635\u0627\u0648\u06cc\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0628\u0647 \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc (AP) \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06a9\u0627\u0646\u0627\u0644 \u062e\u0627\u0631\u062c\u06cc\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0644\u0627\u06cc\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f (WAF) \u0628\u0631\u0627\u06cc \u0641\u06cc\u0644\u062a\u0631 \u06a9\u0631\u062f\u0646 \u062a\u0631\u0627\u0641\u06cc\u06a9 HTTP\u061b\n- \u062a\u0642\u0633\u06cc\u0645\u200c\u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u062f\u06cc\u06af\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 (\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u062b\u0628\u062a) \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-05-09T19:27:16.000000Z"}, {"uuid": "89f8b132-12fc-4e65-b76f-b2321cf27bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/TengkorakCyberCrewzz/2078", "content": "Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT \u2013 thehackernews.com\n\nThu, 08 May 2025 12:57:00", "creation_timestamp": "2025-05-08T08:03:03.000000Z"}, {"uuid": "94748c01-c4b9-4661-8857-890e712f3fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/DarkWebInformer_News/4316", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: Cisco IOS XE Wireless Controllers Vulnerable to Unauthenticated Root Exploits via JWT (CVE-2025-20188)\nLink: https://darkwebinformer.com/cisco-ios-xe-wireless-controllers-vulnerable-to-unauthenticated-root-exploits-via-jwt-cve-2025-20188/", "creation_timestamp": "2025-05-08T19:51:16.000000Z"}, {"uuid": "20a315d7-e680-4d78-a6d3-58a4c458da6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/DarkWebInformer_News/4289", "content": "\ud83d\udea8 News Alert!\n\nSource: The Hacker News\nTitle: Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT\nLink: https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html", "creation_timestamp": "2025-05-08T05:51:18.000000Z"}, {"uuid": "d9026beb-e03b-4907-9fd9-95be0c35e84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/CyberBulletin/10794", "content": "\u26a1\ufe0fCritical CVE-2025-20188 (CVSS 10) Flaw in Cisco IOS XE WLCs Allows Remote Root Access.\n\n#CyberBulletin", "creation_timestamp": "2025-05-08T04:34:45.000000Z"}, {"uuid": "d660853b-f880-4b97-a0a6-e02d439e2b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/38755", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2025-20188: Unauthenticated RCE in Cisco IOS XE WLC via Hard-Coded JWT\nURL\uff1ahttps://github.com/voyagken/CVE-2025-20188\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-31T10:14:45.000000Z"}, {"uuid": "9a14e27d-4873-464d-831a-0651f9de4eae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1154", "content": "\u0633\u06cc\u0633\u06a9\u0648 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 IOS XE \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc \u0628\u06cc\u200c\u0633\u06cc\u0645 LAN \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0627\u0645\u0644 \u06cc\u06a9 JSON Web Token (JWT) \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627 \u0631\u0627 \u062f\u0631 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u062f.\n\nJWT \u0628\u0631\u0627\u06cc \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627 \u0628\u0647 \u062a\u0627\u0628\u0639 \u062f\u0627\u0646\u0644\u0648\u062f \u062a\u0635\u0648\u06cc\u0631 \u0646\u0642\u0637\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u06a9\u0627\u0646\u0627\u0644 \u062e\u0627\u0631\u062c\u06cc \u062f\u0631 \u0646\u0638\u0631 \u06af\u0631\u0641\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc (AP\u0647\u0627) \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062a\u0635\u0627\u0648\u06cc\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 HTTPS \u0628\u0647 \u062c\u0627\u06cc \u067e\u0631\u0648\u062a\u06a9\u0644 CAPWAP \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f \u0648 \u0631\u0648\u0634\u06cc \u0627\u0646\u0639\u0637\u0627\u0641\u200c\u067e\u0630\u06cc\u0631\u062a\u0631 \u0648 \u0645\u0633\u062a\u0642\u06cc\u0645\u200c\u062a\u0631 \u0628\u0631\u0627\u06cc \u062f\u0627\u0646\u0644\u0648\u062f \u0645\u06cc\u0627\u0646\u200c\u0627\u0641\u0632\u0627\u0631 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f.\n\n\u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 \u0627\u06cc\u0646 \u062a\u0648\u06a9\u0646 \u0628\u0647 \u0635\u0648\u0631\u062a \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0647\u0631 \u06a9\u0633\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u062c\u0627\u06cc \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062c\u0627\u0632 \u062c\u0627 \u0628\u0632\u0646\u062f.\n\n\u0637\u0628\u0642 \u06af\u0641\u062a\u0647\u200c\u06cc \u0641\u0631\u0648\u0634\u0646\u062f\u0647\u060c \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u06cc CVE-2025-20188 \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f \u0648 \u062d\u062f\u0627\u06a9\u062b\u0631 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0622\u0646 \u06f1\u06f0.\u06f0 \u0627\u0633\u062a.\n\n\u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTPS \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc\u200c\u0634\u062f\u0647\u200c\u06cc \u062e\u0627\u0635 \u0628\u0647 \u0631\u0627\u0628\u0637 \u062f\u0627\u0646\u0644\u0648\u062f \u062a\u0635\u0648\u06cc\u0631 \u0646\u0642\u0637\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc\u060c \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f.\n\n\u06cc\u06a9 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647\u200c\u06cc \u0645\u0648\u0641\u0642\u06cc\u062a\u200c\u0622\u0645\u06cc\u0632 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0641\u0627\u06cc\u0644\u200c\u0647\u0627 \u0631\u0627 \u0622\u067e\u0644\u0648\u062f \u06a9\u0646\u062f\u060c \u067e\u06cc\u0645\u0627\u06cc\u0634 \u0645\u0633\u06cc\u0631 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f \u0648 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2025-20188 \u062a\u0646\u0647\u0627 \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u0642\u0627\u0628\u0644 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0648\u06cc\u0698\u06af\u06cc \u0630\u06a9\u0631 \u0634\u062f\u0647 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u0641\u0639\u0627\u0644 \u0628\u0627\u0634\u062f (\u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u0627\u0633\u062a).\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u062a\u0645\u0631\u06cc\u0646 \u0646\u0634\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u0628\u0631\u062e\u06cc \u0627\u0632 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0634\u0631\u06a9\u062a\u200c\u0647\u0627\u06cc \u0628\u0632\u0631\u06af \u0627\u0632 \u0622\u0646 \u0628\u0631\u0627\u06cc \u0622\u0645\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc \u06cc\u0627 \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0633\u0631\u06cc\u0639\u200c\u062a\u0631 \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f.\n\n\u062e\u0637\u0627 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0628\u0631:\n- \u06a9\u0627\u062a\u0627\u0644\u06cc\u0633\u062a 9800-CL \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644\u0631\u0647\u0627\u06cc \u0628\u06cc\u200c\u0633\u06cc\u0645 \u0627\u0628\u0631\u06cc\u061b\n- \u06a9\u0646\u062a\u0631\u0644\u0631 \u0628\u06cc\u200c\u0633\u06cc\u0645 \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 Catalyst 9800 \u0628\u0631\u0627\u06cc \u0633\u0648\u0626\u06cc\u0686\u200c\u0647\u0627\u06cc \u0633\u0631\u06cc Catalyst 9300\u060c 9400 \u0648 9500\u061b\n- \u06a9\u0646\u062a\u0631\u0644\u0631\u0647\u0627\u06cc \u0628\u06cc\u200c\u0633\u06cc\u0645 \u0633\u0631\u06cc Catalyst 9800\u061b\n- \u06a9\u0646\u062a\u0631\u0644\u0631 \u0628\u06cc\u200c\u0633\u06cc\u0645 \u062f\u0627\u062e\u0644\u06cc \u0631\u0648\u06cc \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u062a\u0627\u0644\u06cc\u0633\u062a.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0645\u0634\u06a9\u0644 JWT \u0628\u0627 \u06a9\u062f\u0646\u0648\u06cc\u0633\u06cc \u0633\u062e\u062a \u060c Cisco IOS (\u063a\u06cc\u0631 XE)\u060c Cisco IOS XR\u060c Cisco Meraki\u060c Cisco NX-OS \u0648 WLC\u0647\u0627\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 Cisco AireOS \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u0648 \u0628\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0622\u0646\u0647\u0627 \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f.\n\n\u0627\u06af\u0631\u0686\u0647 \u0647\u06cc\u0686 \u0631\u0627\u0647\u06a9\u0627\u0631 \u06cc\u0627 \u0631\u0627\u0647\u200c\u062d\u0644\u06cc \u0628\u0631\u0627\u06cc CVE-2025-20188 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f\u060c \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0648\u06cc\u0698\u06af\u06cc \u062f\u0627\u0646\u0644\u0648\u062f \u062a\u0635\u0648\u06cc\u0631 AP \u062e\u0627\u0631\u062c \u0627\u0632 \u0628\u0627\u0646\u062f\u060c \u0645\u062d\u0627\u0641\u0638\u062a \u0642\u0648\u06cc \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0645\u06cc\u200c\u06af\u0648\u06cc\u062f \u0647\u06cc\u0686 \u0645\u0648\u0631\u062f \u0634\u0646\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647\u200c\u0627\u06cc \u0627\u0632 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0641\u0639\u0627\u0644 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2025-20188 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0634\u062a\u0647 \u0627\u0633\u062a.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u062f\u062a \u0645\u0634\u06a9\u0644\u060c \u0627\u062d\u062a\u0645\u0627\u0644\u0627\u064b \u0647\u06a9\u0631\u0647\u0627\u06cc \u0633\u0627\u06cc\u0628\u0631\u06cc \u0632\u06cc\u0631\u0632\u0645\u06cc\u0646\u06cc \u062a\u0644\u0627\u0634 \u062e\u0648\u0627\u0647\u0646\u062f \u06a9\u0631\u062f \u062a\u0627 \u0646\u0642\u0627\u0637 \u067e\u0627\u06cc\u0627\u0646\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0631\u0627 \u0627\u0633\u06a9\u0646 \u06a9\u0646\u0646\u062f.\n\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-05-15T18:38:09.000000Z"}, {"uuid": "4c9f410f-151e-4083-b4ec-8fa14a6b251f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9975", "content": "Cisco IOS XE WLC File Upload Vuln CVE-2025-20188\n\nhttps://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-wlc-arbitrary-file-upload-vulnerability-cve-2025-20188-analysis/", "creation_timestamp": "2025-06-12T16:53:18.000000Z"}, {"uuid": "54e7c6ba-7d49-4bcf-8cf0-53c9e1d6c80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5661", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 Cisco IOS XE WLC, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2025-20188.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u043e\u0433\u043e \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f RCE-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432\u043f\u043e\u043b\u043d\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u044f \u0435\u0433\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c.\n\n7 \u043c\u0430\u044f 2025 \u0433\u043e\u0434\u0430 Cisco \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 IOS XE \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c JSON Web Token (JWT), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root.\n\n\u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-20188 \u043e\u043f\u0430\u0441\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u00ab\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443\u00bb.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Catalyst 9800-CL Wireless Controllers for Cloud, Catalyst 9800 Embedded Wireless Controller \u0434\u043b\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0439 9300, 9400, and 9500 Series Switches,  Catalyst 9800 Series Wireless Controllers \u0438 Embedded Wireless Controller \u043d\u0430 Catalyst APs.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 Horizon3, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 JWT (\u00abnotfound\u00bb), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438 Lua \u0434\u043b\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u0443\u0442\u0438.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0431\u044d\u043a\u044d\u043d\u0434 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u043a\u0440\u0438\u043f\u0442\u044b OpenResty (Lua + Nginx) \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0442\u043e\u043a\u0435\u043d\u043e\u0432 JWT \u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0444\u0430\u0439\u043b\u043e\u0432, \u043d\u043e \u0435\u0441\u043b\u0438 \u0444\u0430\u0439\u043b '/tmp/nginx_jwt_key' \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442, \u0441\u043a\u0440\u0438\u043f\u0442 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u043a \u0441\u0442\u0440\u043e\u043a\u0435 \"notfound\" \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 JWT.\n\n\u041f\u043e \u0441\u0443\u0442\u0438, \u044d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b, \u043d\u0435 \u0437\u043d\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u043f\u0440\u043e\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u00abHS256\u00bb \u0438 \u00abnotfound\u00bb.\n\nHorizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u043e\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 \u00ab/ap_spec_rec/upload/\u00bb \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 8443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0438\u043c\u0435\u043d\u0438 \u0444\u0430\u0439\u043b\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u0431\u0438\u0434\u043d\u044b\u0439 \u0444\u0430\u0439\u043b (foo.txt) \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430.\n\n\u0414\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f RCE, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 Horizon3, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 \u00abpvp.sh\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438, \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043e\u0442 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043d\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442, \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u0430\u0436\u0435 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 (17.12.04 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u043e\u0439).\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443.", "creation_timestamp": "2025-06-02T14:53:33.000000Z"}, {"uuid": "01d4255f-4303-4259-827a-641d2b08094f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/ton618cyber/9205", "content": "Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT\n\nCisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote exploits.\n\n\nThe Hacker News | thehackernews\u200b.com \u2022 May 8, 2025", "creation_timestamp": "2025-05-09T02:41:07.000000Z"}, {"uuid": "124c9175-3f26-4f16-9740-16f453c710ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "exploited", "source": "https://t.me/kasperskyb2b/1725", "content": "\ud83c\udfaf\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f ransomware \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u041e\u0431\u0437\u043e\u0440 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0439 ransomware \u0432 2025 \u0433\u043e\u0434\u0443. \u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u044b \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0440\u0435\u043d\u0434\u044b, \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 RaaS, \u0437\u0430\u043c\u0435\u0442\u043d\u043e\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043f\u043e\u043b\u0438\u0446\u0435\u0439\u0441\u043a\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043d\u043e\u0432\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445. \n\n\ud83d\udd35\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0412\u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0447\u0430\u0441\u0442\u043e \u043c\u0435\u043b\u044c\u043a\u0430\u044e\u0449\u0435\u0439 \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 DragonForce: \u0430\u0432\u0442\u043e\u0440\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u044f\u0432\u043d\u043e\u0435 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u043e \u0441 \u043a\u043e\u0434\u043e\u043c \u0438\u0437 \u0443\u0442\u0435\u0447\u0435\u043a Conti \u0438 LockBit 3.0.\n\n\ud83d\udfe1\u0412 \u0441\u043e\u0441\u0435\u0434\u043d\u0438\u0445 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u0435\u0442 Mamona Ransomware \u2014 \u0438\u0445 \u0412\u041f\u041e \u0442\u043e\u0436\u0435 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438.\n\n\ud83d\ude35\u200d\ud83d\udcab \u041e\u0431\u0437\u043e\u0440 \u0430\u0440\u0441\u0435\u043d\u0430\u043b\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 DOGE Big Balls, \u043e\u0442\u043f\u043e\u0447\u043a\u043e\u0432\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u043e\u0442 Fog ransomware. \u0412 \u043a\u043e\u043f\u0438\u043b\u043a\u0435: \u0441\u043a\u0440\u0438\u043f\u0442\u044b PowerShell, \u0430\u0433\u0435\u043d\u0442\u044b Havoc framework, mimikatz, \u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Netlify.\u00a0 \n\n\ud83d\udcbb\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 Nitrogen, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u23fa\u041e\u0431\u0437\u043e\u0440 \u0412\u041f\u041e, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044f\u0445 Agenda Ransomware: SmokeLoader \u0438 NextLoader. \u041a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438, \u0418\u043d\u0434\u0438\u0438, \u0424\u0438\u043b\u0438\u043f\u043f\u0438\u043d\u0430\u0445 \u0438 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u0430\u0445.\n\n\ud83d\udd14 \u041d\u043e\u0432\u0430\u044f \u0432\u043e\u043b\u043d\u0430 \u0430\u0442\u0430\u043a APT Core Werewolf \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0412\u041f\u041a.\n\n\ud83e\udd73 \u0410 APT35/Charming kitten \u0432\u044b\u0441\u0442\u0443\u043f\u0438\u043b\u0430 \u0432 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u043e\u043c \u0430\u043c\u043f\u043b\u0443\u0430 \u2014 \u043e\u0442\u043a\u0440\u044b\u043b\u0430 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0439 \u0441\u0430\u0439\u0442 \u043c\u043e\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430. \u0412\u041f\u041e \u0441 \u043d\u0435\u0433\u043e \u043d\u0435 \u0440\u0430\u0437\u0434\u0430\u0432\u0430\u043b\u0438, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0430\u0439\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u043b\u0438\u0448\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0436\u0435\u0440\u0442\u0432.\n\n\ud83d\ude08 \u041a\u0441\u0442\u0430\u0442\u0438, \u043e \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u043a\u0430\u0445. \u0421\u0445\u0435\u043c\u044b \u0441 \u0442\u0440\u0443\u0434\u043e\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u043d\u0430 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0442\u0443 \u043b\u044e\u0434\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043b\u044e\u0434\u0438 \u0438\u0437 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438, \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438\u0441\u044c \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438 \u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u043c\u043e\u0433\u0443\u0442 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0442\u044c\u0441\u044f \u0438 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, \u0438 \u0432 \u0410\u0437\u0438\u0438. \u0421\u0443\u0434\u044f \u043f\u043e \u0435\u0434\u0438\u043d\u0438\u0447\u043d\u044b\u043c \u043e\u0442\u0437\u044b\u0432\u0430\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0441\u0442\u044b \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0433\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u0434\u0435\u00a0 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439. \n\n\ud83d\udfe0\u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2025-31324 \u0432 SAP NetWeaver Visual Composer \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432\u0436\u0438\u0432\u0443\u044e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Chaya_004,\u00a0 \u0441 \u0446\u0435\u043b\u044c\u044e \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430.\n\n\u26aa\ufe0f\u0410 \u0441\u0432\u0435\u0436\u0435\u043d\u044c\u043a\u043e\u0435 \u0442\u0440\u0438\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 SonicWall SMA (CVE-2025-32819, -32820, -32821) \u0442\u043e\u0436\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e. \u0414\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u0430\u0442\u0447.\n\n\u26aa\ufe0f\u041d\u0443 \u0438 \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u044c (\u0448\u0443\u0442\u043a\u0430) \u0442\u0435\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043e\u0442 \u0441\u0432\u0435\u0436\u0430\u044f \u043f\u0430\u0447\u043a\u0430 \u0438\u0437 30 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 Cisco, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2025-20188 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 10.\n\n\ud83e\udd21 \u0418 \u043a\u043e\u043c\u0438\u0447\u043d\u0430\u044f \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u043d\u0430\u043f\u043e\u0441\u043b\u0435\u0434\u043e\u043a. \u041c\u0443\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 open source \u043f\u0430\u043a\u0435\u0442 easyjson, \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f, \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 VK, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u044f \u0437\u0430\u043f\u0430\u0434\u043d\u0430\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0432 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043f\u0430\u043a\u0435\u0442 \u0436\u0438\u0432\u0451\u0442 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 github.com/mailru/easyjson, \u044d\u0442\u043e \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u0431\u044b\u043b\u043e \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u0438 \u0433\u043e\u043b\u043e\u0432\u043e\u043b\u043e\u043c\u043d\u043e\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u0441\u043d\u0438\u043c\u0430\u0435\u043c \u0448\u043b\u044f\u043f\u0443. \n\n#APT #ransomware #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2025-05-12T09:16:28.000000Z"}, {"uuid": "fee84600-ad50-4e92-b440-f22d14b11157", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/information_security_channel/53643", "content": "Technical Details Published for Critical Cisco IOS XE Vulnerability\nhttps://www.securityweek.com/technical-details-published-for-critical-cisco-ios-xe-vulnerability/\n\nThe critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely.\nThe post Technical Details Published for Critical Cisco IOS XE Vulnerability (https://www.securityweek.com/technical-details-published-for-critical-cisco-ios-xe-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-06-02T21:48:56.000000Z"}, {"uuid": "9c3d92ed-c28e-49ba-81c4-8717d2e664fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/proxy_bar/2631", "content": "LOLz\n*\nCVE-2025-20188\nCisco IOS XE WLC - Arbitrary File Upload Vulnerability\n*\nread", "creation_timestamp": "2025-06-03T18:47:42.000000Z"}, {"uuid": "9de48dd6-7531-40b4-b0d6-1405979aba1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/CyberBulletin/3378", "content": "\u26a1\ufe0fTechnical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.\n\n#CyberBulletin", "creation_timestamp": "2025-06-01T05:52:00.000000Z"}, {"uuid": "be4e2ee5-259b-42b6-acfd-691680a4ab88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/SecLabNews/16581", "content": "\ud83d\udd13 JWT-\u0434\u044b\u0440\u0430 \u0432 Cisco: \u0442\u043e\u043a\u0435\u043d \u00abnotfound\u00bb \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0435\u0440\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\n\nHorizon3 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b \u043e\u0434\u043d\u0443 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0433\u043e\u0434\u0430 \u2014 CVE-2025-20188 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 Cisco Catalyst \u043d\u0430 IOS XE. \u0411\u0430\u0433 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u0431\u0435\u0437 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043a\u043b\u044e\u0447\u0430 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 JWT \u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u0430\u043c \u043f\u043e\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \"notfound\" \u2014 \u0438 \u043b\u044e\u0431\u0430\u044f \u0441\u0430\u043c\u043e\u0434\u0435\u043b\u044c\u043d\u0430\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u044c \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0439.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043a\u043e\u0434 \u2014 \u044d\u0442\u043e Lua-\u0441\u043a\u0440\u0438\u043f\u0442\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 Nginx \u0447\u0435\u0440\u0435\u0437 OpenResty. \u0414\u043e\u0441\u0442\u0443\u043f \u043a API \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 8443 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u0430\u0434\u043c\u0438\u043d\u043a\u0438: \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0444\u0430\u0439\u043b\u0430 \u0432\u043d\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0451\u043d\u043d\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u043a \u043f\u043e\u0434\u043c\u0435\u043d\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439. \u041e\u0441\u043e\u0431\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0448\u0442\u0430\u0442\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 pvp.sh, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0440\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u0421\u0438\u0442\u0443\u0430\u0446\u0438\u044e \u0443\u0441\u0443\u0433\u0443\u0431\u043b\u044f\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b \u0432 OpenResty: \u0432\u0441\u044f \u043b\u043e\u0433\u0438\u043a\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 Lua, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0431\u0438\u0437\u043d\u0435\u0441-\u043b\u043e\u0433\u0438\u043a\u0438. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 17.12.04 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e. \u0418\u043d\u0430\u0447\u0435 \u043b\u044e\u0431\u043e\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441 HS256 \u0438 \u043a\u043b\u044e\u0447\u043e\u043c \"notfound\" \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u0431\u0438\u043b\u0435\u0442\u043e\u043c \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443.\n\n#Cisco #CVE202520188 #JWT \n\n@SecLabNews", "creation_timestamp": "2025-06-02T06:11:55.000000Z"}, {"uuid": "05068b63-d674-4915-b8b3-f4eff1782b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/CyberBulletin/3225", "content": "\u26a1\ufe0fCritical CVE-2025-20188 (CVSS 10) Flaw in Cisco IOS XE WLCs Allows Remote Root Access.\n\n#CyberBulletin", "creation_timestamp": "2025-05-08T06:34:45.000000Z"}, {"uuid": "c0cd3aa2-b79c-4c46-9252-ebe801018dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/17014", "content": "\ud83d\udea8Cisco IOS XE Wireless Controllers Vulnerable to Unauthenticated Root Exploits via JWT (CVE-2025-20188)\n\nCVSS: 10\n\nhttps://darkwebinformer.com/cisco-ios-xe-wireless-controllers-vulnerable-to-unauthenticated-root-exploits-via-jwt-cve-2025-20188/", "creation_timestamp": "2025-05-08T21:54:16.000000Z"}, {"uuid": "4b100907-013c-488e-9ea1-0d2ee7c1ef0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/cibsecurity/84660", "content": "\ud83d\udd8b\ufe0f Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT \ud83d\udd8b\ufe0f\n\nCisco has released software fixes to address a maximumseverity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE202520188, has been rated 10.0 on the CVSS scoring system. \"This vulnerability is due to the presence of a hardcoded JSON Web Token JWT on an.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-05-09T00:40:07.000000Z"}, {"uuid": "2a3b01b5-8363-42a8-8db1-bd4bef3321e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/ton618cyber/3771", "content": "Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT\n\nCisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote exploits.\n\n\nThe Hacker News | thehackernews\u200b.com \u2022 May 8, 2025", "creation_timestamp": "2025-05-09T02:41:08.000000Z"}, {"uuid": "24c64634-14c8-45be-9212-00c6487e722e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/30742", "content": "Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT \u2013 thehackernews.com\n\nThu, 08 May 2025 12:57:00", "creation_timestamp": "2025-05-08T10:03:03.000000Z"}, {"uuid": "1835645e-d74b-449a-9b35-324e324116ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/ctinow/235009", "content": "Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT\nhttps://ift.tt/6FvxOUb", "creation_timestamp": "2025-05-08T07:54:17.000000Z"}, {"uuid": "d9763597-6d34-4603-b7aa-98d1c5d509ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "Telegram/sGMrhdt1xRkyjwriNarFpo7-4ri_TwU1NIVc-PQIA4vTDA", "content": "", "creation_timestamp": "2025-05-08T09:16:00.000000Z"}, {"uuid": "b326f3ab-0de5-4e62-b25a-52c570f48c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/true_secator/7026", "content": "Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u041f\u041e IOS XE \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c JSON Web Token (JWT), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\nJWT \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0442\u043e\u0447\u043a\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (\u0422\u0414) \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b \u041e\u0421 \u0447\u0435\u0440\u0435\u0437 HTTPS, \u0430 \u043d\u0435 \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 CAPWAP, \u0447\u0442\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0433\u0438\u0431\u043a\u0438\u0439 \u0438 \u043f\u0440\u044f\u043c\u043e\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u043e\u043a\u0435\u043d \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d, \u043b\u044e\u0431\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0431\u0435\u0437 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20188 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTPS-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2025-20188 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u043d\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430).\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0435\u0435 \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0431\u044b\u0441\u0442\u0440\u043e\u0439 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u0438\u043b\u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442:\n- \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b Catalyst 9800-CL for Cloud;\n- \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 Catalyst 9800 \u0434\u043b\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0439 Catalyst 9300, 9400 \u0438 9500;\n- \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0441\u0435\u0440\u0438\u0438 Catalyst 9800;\n- \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u043d\u0430 Catalyst APs.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c JWT \u043e\u0431\u043e\u0448\u043b\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043e\u0439 Cisco IOS (\u043d\u0435 XE), Cisco IOS XR, Cisco Meraki, Cisco NX-OS \u0438 WLC \u043d\u0430 \u0431\u0430\u0437\u0435 Cisco AireOS.\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0445 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f CVE-2025-20188, \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443.\n\n\u041a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 Cisco, \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2025-20188 \u043d\u0435 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2025-05-13T14:40:06.000000Z"}, {"uuid": "00878911-9b24-4586-a253-4805fb26fb62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20188", "type": "seen", "source": "https://t.me/thehackernews/6794", "content": "\ud83d\uded1 New Cisco flaw scores a perfect 10.0 CVSS.\n\nA hardcoded token. Root access. No login needed.\n\nIf you run Catalyst 9800 wireless controllers, you\u2019ll want to check this fast.\n\n\ud83d\udc49 Read more about CVE-2025-20188 here: https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html", "creation_timestamp": "2025-05-08T07:03:57.000000Z"}]}