CVE-2025-20334 | Cisco IOS XE up to 17.16.1a HTTP API Subsystem command injection (cisco-sa-ios-xe-cmd-inject-rPJM8BGL)

A vulnerability classified as critical has been found in Cisco IOS XE. This affects an unknown function of the component HTTP API Subsystem. The manipulation leads to command injection.

This vulnerability is documented as CVE-2025-20334. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More