Cisco IOS XE

NewsSecurity Vulnerabilities

Continued exploitation of Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability (CVE-2018-0171)

– Cisco is aware of continued exploitation activity of the vulnerability that is described in this advisory and strongly recommends that customers assess their systems and upgrade to a fixed software release as soon as possible.

Read More
NewsSecurity Vulnerabilities

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software

– The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability (CVE-2025-20188)

CVE number = CVE-2025-20188 A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability (CVE-2025-20172)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability (CVE-2025-20169)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability [CVE-2024-20437]

CVE number = CVE-2024-20437 A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated,

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE Software Auxiliary Asynchronous Port Denial of Service Vulnerability [CVE-2024-20309]

CVE number – CVE-2024-20309 A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE Software Web UI Command Injection Vulnerability [CVE-2021-1435]

CVE Number – CVE-2021-1435 A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote

Read More
NewsSecurity Vulnerabilities

Cisco IOS XE Software Web UI Privilege Escalation Vulnerability [CVE-2023-20198 and CVE-2023-20273]

Updated – 20/10/2023 CVE number – CVE-2023-20198 and CVE-2023-20273 Cisco is providing an update for the ongoing investigation into observed

Read More
NewsSecurity Vulnerabilities

Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability [CVE-2017-12240]

CVE number = CVE-2017-12240 The DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that

Read More