CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

July 16, 2025

CVE ID : CVE-2025-20272

Published : July 16, 2025, 5:15 p.m. | 1 hour, 28 minutes ago

Description : A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20283 – “Cisco ISE and ISE-PIC Root Code Execution Vulnerability”

Next Article CVE-2025-53937 – WeGIA SQL Injection Vulnerability

Highlights

CVE-2025-5031 – Ackites KillWxapkg wxapkg File Decompression Handler Resource Consumption Vulnerability

May 21, 2025

CVE ID : CVE-2025-5031

Published : May 21, 2025, 5:15 p.m. | 3 hours, 26 minutes ago

Description : A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Erie Moon Mammoths Merch

Understanding CSS Perspective: Bringing Depth to Your Designs

Blink Tag HTML: A Hidden Gem of the Early Web

CVE-2025-48475 – FreeScout Unrestricted Client Access Vulnerability

CVE-2025-5031 – Ackites KillWxapkg wxapkg File Decompression Handler Resource Consumption Vulnerability

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

Sam Altman Blasts Elon Musk Over Apple Bias Claims, Says He Rigs X for Himself

NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors

CVE-2025-20272 – Cisco Prime Infrastructure and EPNM Blind SQL Injection

Related Posts