How severe is CVE-2025-20188?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 10 out of 10.

What type of vulnerability is CVE-2025-20188?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2025-20188

CRITICAL Year: 2025

CVSS v3 Score

10.0

Critical

Weakness Type

CWE-798

View all →

Vulnerability Description

A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges. Note: For exploitation to be successful, the Out-of-Band AP Image Download feature must be enabled on the device. It is not enabled by default.

CVE-2013-3542

CRITICAL

CVSS:10.0(Critical)

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded a...

CWE-7982013

CVE-2016-8717

CRITICAL

CVSS:10.0(Critical)

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (ro...

CWE-7982016

CVE-2018-0222

CRITICAL

CVSS:10.0(Critical)

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, ...

CWE-7982018

CVE-2018-5551

CRITICAL

CVSS:10.0(Critical)

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa.

CWE-7982018

CVE-2020-1614

CRITICAL

CVSS:10.0(Critical)

A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if the...

CWE-7982020

CVE-2020-4429

CRITICAL

CVSS:10.0(Critical)

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execu...

CWE-7982020

CVE-2025-20188

Vulnerability Description

Related Vulnerabilities

CVE-2013-3542

CVE-2016-8717

CVE-2018-0222

CVE-2018-5551

CVE-2020-1614

CVE-2020-4429