← back
CVE-2025-20327

CVE-2025-20327

CVSS 7.7 HIGHEPSS 0.4%CWE-1287
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.7EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted URL in an HTTP request. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Affected products
Cisco · IOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-invalid-url-dos-Nvxszf6u