CNNVD-202509-3812 Information

CNNVD ID

CNNVD-202509-3812

Related CVE

CVE-2025-20338

• CNNVD Published: 2025-09-24

Description (Chinese)

Cisco IOS XE是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE存在安全漏洞，该漏洞源于对特定CLI命令中用户参数验证不足，可能导致执行任意代码。

Description (English)

Cisco IOS XE is an operating system of Cisco. Cisco IOS XE, a single operating system for Cable and Wireless Access, Convergence, Core and WAN, reduces the complexity of operations and networks. Cisco IOS XE had a security loophole, which stemmed from insufficient verification of user parameters in a given CLI command, which could lead to the enforcement of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Citadel

Published

2025-09-24

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arg-inject-EyDDbh4e https://access.redhat.com/security/cve/cve-2025-20338

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arg-inject-EyDDbh4e