Cisco has issued software updates to rectify a critical security weakness in its IOS XE Wireless Controller, which could allow an unauthenticated, remote adversary to upload arbitrary files to an affected system.
The flaw, designated as CVE-2025-20188, has received a severity rating of 10.0 on the CVSS scoring scale.
“This flaw arises from the existence of a hard-coded JSON Web Token (JWT) on an