
[Security Vulnerability Alert] Cisco IOS XE contains a high-risk security vulnerability (CVE-2025-20334)

Type: Administrative announcement
Publish Date: 2025/09/30 to 2026/03/30

Forwarded by Taiwan Computer Emergency Readiness/Response Team (TWCERT/CC) - TWCERTCC-200-202509-00000014

[Description]
Cisco has released a critical security vulnerability advisory (CVE-2025-20334, CVSS: 8.8). This vulnerability exists in the HTTP API subsystem of Cisco IOS XE. Due to insufficient input validation, an attacker with administrator privileges can exploit this vulnerability by sending a specially crafted API request to the affected system. Alternatively, an unauthenticated remote attacker can trick a legitimate user with administrator privileges into clicking a malicious link to trigger the vulnerability. Once exploited, the attacker may be able to execute arbitrary commands as root on the affected system.

[Affected Platforms]
Cisco IOS XE systems with the HTTP server feature enabled are potentially vulnerable. Users are advised to check their version against the official website to determine if they are affected.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cmd-inject-rPJM8BGL#fs
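As an added example, not part of the TWCERT notice or Cisco's advisory, the following Python check parses `show running-config | include ip http` output to decide whether the HTTP server feature named above is active on a device; the `active-session-modules none` handling follows Cisco's published guidance for earlier IOS XE web UI advisories rather than this page, and the sample configs are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed samples of `show running-config | include ip http` output
# (made up for this example, not captured from a real device).
SAMPLE_HTTP_ENABLED = "ip http server\nip http authentication local\nip http secure-server\n"
SAMPLE_HTTP_DISABLED = "no ip http server\nno ip http secure-server\n"
SAMPLE_MODULES_NONE = (
    "ip http server\nip http active-session-modules none\n"
    "ip http secure-server\nip http secure-active-session-modules none\n"
)

@dataclass
class HttpExposure:
    http_enabled: Optional[bool]   # None: neither form of the line seen in the config
    https_enabled: Optional[bool]
    http_modules_none: bool
    https_modules_none: bool

    @property
    def web_ui_exposed(self) -> bool:
        # A listener counts as exposed if it is on (or its state is unknown)
        # and still serves session modules. Unknown is treated as exposed so
        # an inconclusive config gets reviewed rather than silently cleared.
        http_on = self.http_enabled is not False
        https_on = self.https_enabled is not False
        return (http_on and not self.http_modules_none) or \
               (https_on and not self.https_modules_none)

def parse_http_config(running_config: str) -> HttpExposure:
    """Walk the config line by line; a later line overrides an earlier one."""
    http = https = None
    http_none = https_none = False
    for raw in running_config.splitlines():
        line = " ".join(raw.split())  # collapse stray whitespace from copy/paste
        if line == "ip http server":
            http = True
        elif line == "no ip http server":
            http = False
        elif line == "ip http secure-server":
            https = True
        elif line == "no ip http secure-server":
            https = False
        elif line == "ip http active-session-modules none":
            http_none = True
        elif line == "ip http secure-active-session-modules none":
            https_none = True
    return HttpExposure(http, https, http_none, https_none)
```

A device flagged as exposed still needs its IOS XE version compared against the fixed releases in the Cisco advisory linked above; this check only establishes whether the vulnerable subsystem is reachable.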

[Recommended Actions]
Please refer to the official documentation for updates: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cmd-inject-rPJM8BGL

[References]
1. https://www.twcert.org.tw/tw/cp-169-10410-5dfbf-1.html
