CVE-2025-20221 – Cisco IOS XE SD-WAN Remote Packet Filtering Bypass Vulnerability

May 7, 2025

CVE ID : CVE-2025-20221

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters.

This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32819 – SonicWall SMA SSLVPN File Deletion Vulnerability

Next Article CVE-2025-20214 – Cisco IOS XE NACM Unauthorized Data Access Vulnerability

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-20221 – Cisco IOS XE SD-WAN Remote Packet Filtering Bypass Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Google Chrome for iOS now lets you switch between personal and work accounts

CVE-2025-6402 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 27/2025

CVE-2025-4559 – Netvision ISOinsight SQL Injection

How to Use Google Classroom as a Teacher (Step-by-Step Guide)

CVE-2025-4810 – Tenda AC7 Stack-Based Buffer Overflow Vulnerability

CVE-2025-6686 – Elementor Magic Buttons Stored Cross-Site Scripting Vulnerability

CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices

CVE-2025-20221 – Cisco IOS XE SD-WAN Remote Packet Filtering Bypass Vulnerability

Related Posts