CVE-2025-20130 – “Cisco ISE File Upload Vulnerability”

June 4, 2025

CVE ID : CVE-2025-20130

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.

This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20129 – Cisco Customer Collaboration Platform (CCP) HTTP Request Manipulation Vulnerability

Next Article CVE-2025-5594 – FreeFloat FTP Server SET Command Handler Buffer Overflow Vulnerability

Highlights

CVE-2025-4745 – Apache Code-projects Employee Record System Cross-Site Scripting

May 16, 2025

CVE ID : CVE-2025-4745

Published : May 16, 2025, 4:15 a.m. | 4 hours, 44 minutes ago

Description : A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file current_employees.php. The manipulation of the argument employeed_id/first_name/middle_name/last_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-20130 – “Cisco ISE File Upload Vulnerability”

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-5399 – “Libcurl WebSocket DoS Vulnerability”

Learn Vite for a Better Web Development Workflow

CVE-2025-3517 – Devolutions Server PAM JIT Privilege Escalation

CISA’s Latest Advisories Expose High-Risk Vulnerabilities in Industrial Control Systems

PlayStation: PS5’s top 3 selling games in April 2025 wereallfromXbox

CVE-2025-4745 – Apache Code-projects Employee Record System Cross-Site Scripting

Weirdest Threat Group Names: The Funny, Scary and Just Plain Weird

WWE 2K25 preorder bonuses explained for special editions and where to buy them

How to Deploy Your FastAPI + PostgreSQL App on Render: A Beginner’s Guide

CVE-2025-20130 – “Cisco ISE File Upload Vulnerability”

Related Posts