CVE-2025-20327
7.7
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted URL in an HTTP request. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | IOS | 15.2(6)E2 | affected |
| Cisco | IOS | 15.2(7)E | affected |
| Cisco | IOS | 15.2(6)E2a | affected |
| Cisco | IOS | 15.2(6)E2b | affected |
| Cisco | IOS | 15.2(7)E1 | affected |
| Cisco | IOS | 15.2(7)E0a | affected |
| Cisco | IOS | 15.2(7)E0b | affected |
| Cisco | IOS | 15.2(7)E0s | affected |
| Cisco | IOS | 15.2(6)E3 | affected |
| Cisco | IOS | 15.2(7)E2 | affected |
| Cisco | IOS | 15.2(7a)E0b | affected |
| Cisco | IOS | 15.2(7)E3 | affected |
| Cisco | IOS | 15.2(7)E1a | affected |
| Cisco | IOS | 15.2(7b)E0b | affected |
| Cisco | IOS | 15.2(7)E2a | affected |
| Cisco | IOS | 15.2(7)E4 | affected |
| Cisco | IOS | 15.2(7)E3k | affected |
| Cisco | IOS | 15.2(8)E | affected |
| Cisco | IOS | 15.2(8)E1 | affected |
| Cisco | IOS | 15.2(7)E5 | affected |
| Cisco | IOS | 15.2(7)E6 | affected |
| Cisco | IOS | 15.2(8)E2 | affected |
| Cisco | IOS | 15.2(7)E7 | affected |
| Cisco | IOS | 15.2(8)E3 | affected |
| Cisco | IOS | 15.2(7)E8 | affected |
| Cisco | IOS | 15.2(8)E4 | affected |
| Cisco | IOS | 15.2(7)E9 | affected |
| Cisco | IOS | 15.2(8)E5 | affected |
| Cisco | IOS | 15.2(7)E10 | affected |
Weaknesses
- CWE-1287: Improper Validation of Specified Type of Input
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.