CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

July 16, 2025

CVE ID : CVE-2025-20272

Published : July 16, 2025, 5:15 p.m. | 1 hour, 28 minutes ago

Description : A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20283 – “Cisco ISE and ISE-PIC Root Code Execution Vulnerability”

Next Article CVE-2025-53937 – WeGIA SQL Injection Vulnerability

Highlights

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-40624

Published : May 6, 2025, 11:15 a.m. | 36 minutes ago

Description : SQL injection in TCMAN’s GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ and “email” parameters of the ‘updatePassword’ endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Microsoft kills Movies & TV storefront on Windows and Xbox — here’s what will happen to your purchased media

Wacom says its new drawing tablet needs no setup and has a pen that can’t die

NordPass vs. Bitwarden: Which password manager is best?

Elon Musk teasing a Grok male companion inspired by “50 Shades of Grey” — beating Microsoft’s AI CEO at his own game

The details of TC39’s last meeting

The details of TC39’s last meeting

Conditional Collection Skipping with Laravel’s skipWhile Method

Deploying Laravel Applications on Laravel Cloud With MongoDB Atlas

Ubuntu 25.10 Shrinks its Raspberry Pi Install Footprint

Ubuntu 25.10 Shrinks its Raspberry Pi Install Footprint

Microsoft kills Movies & TV storefront on Windows and Xbox — here’s what will happen to your purchased media

Unplugged and Unstoppable: How Linux Transforms Laptop Power Management

CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-0716 – AngularJS SVG Image Content Spoofing

Build a location-aware agent using Amazon Bedrock Agents and Foursquare APIs

Don’t Choose the Wrong Web Team — Here’s Why It Matters

Forget AGI – Meta is going after ‘superintelligence’ now

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

UPERFECT Unify B5 Portable Monitor 1080P Display Review

Top Generative AI Companies in the World

CVE-2025-0913 – Apache os File Symlink Creation Vulnerability

CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

Related Posts