CVE-2025-20338 | Cisco IOS XE up to 17.16.1a CLI User parameter/argument delimiters (cisco-sa-iosxe-arg-inject-EyDDbh4e)

A vulnerability categorized as critical has been discovered in Cisco IOS XE. The affected element is an unknown function of the component CLI. Such manipulation of the argument User leads to improper neutralization of parameter/argument delimiters.

This vulnerability is referenced as CVE-2025-20338. The attack can only be performed from a local environment. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More