{"vulnerability": "CVE-2025-2016", "sightings": [{"uuid": "4be69d5a-0e75-4d44-af3c-c222f05f9483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfao3kwu4i2f", "content": "", "creation_timestamp": "2025-01-08T17:15:45.523460Z"}, {"uuid": "3fdc8be2-ea4e-4192-9318-a1c70f8ab31e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfao3hx3hw2m", "content": "", "creation_timestamp": "2025-01-08T17:15:42.341894Z"}, {"uuid": "37227704-7c7a-43ca-a5f7-899aef2dcc17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfao3n5pky2a", "content": "", "creation_timestamp": "2025-01-08T17:15:47.831056Z"}, {"uuid": "c2f8cc91-7e2a-4c55-85a0-fe234f41d3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgfg6rd6qb2l", "content": "", "creation_timestamp": "2025-01-23T08:02:53.298221Z"}, {"uuid": "3c7ccb6a-81fa-490a-9914-5e26e9da05ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20169", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113952255128702135", "content": "", "creation_timestamp": "2025-02-05T16:37:05.014918Z"}, {"uuid": "826cb2df-9c81-4605-a2c6-233083a35420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113872897424390072", "content": "", "creation_timestamp": "2025-01-22T16:15:22.849984Z"}, {"uuid": "8d3a0d01-6b0f-49f2-be99-2c9c785b008b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumiacml2c", "content": "", "creation_timestamp": "2025-01-22T17:15:46.343365Z"}, {"uuid": "4a583db1-06e9-4078-8277-2e67927abb56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j6uzgq2e", "content": "", "creation_timestamp": "2025-01-22T19:55:04.254315Z"}, {"uuid": "93b3df5c-7ffa-4834-87af-4739998e69ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20163", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lr2tjwri7k22", "content": "", "creation_timestamp": "2025-06-08T02:39:40.722757Z"}, {"uuid": "cc00a7eb-013c-4702-a924-6b24dd981eaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20169", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-270/", "content": "", "creation_timestamp": "2025-05-01T03:00:00.000000Z"}, {"uuid": "e50cef26-f32e-447e-8a29-f9dbe3968af2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20160", "type": "seen", "source": "https://gist.github.com/Darkcrai86/07df4e061efc09f26abe4d1d824c1738", "content": "", "creation_timestamp": "2025-09-24T16:58:57.000000Z"}, {"uuid": "48b084da-3a6a-440d-99fb-e8dfdd389dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20160", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-cisco-ios-ja-ios-xe-laitteissa", "content": "", "creation_timestamp": "2025-09-26T08:27:34.000000Z"}, {"uuid": "805aa9ec-8879-4239-8292-6d25a149fa0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20169", "type": "seen", "source": "https://t.me/cvedetector/17313", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20169 - Cisco SNMP RemoteDoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20169 \nPublished : Feb. 5, 2025, 5:15 p.m. | 49\u00a0minutes ago \nDescription : A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.  \n  \nThis vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\u00a0  \nThis vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:21.000000Z"}, {"uuid": "a1ca7c82-8d7b-4b57-aa7c-f40b2c7213d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/847", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20166\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\n\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.\nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-01-08T16:19:12.224Z\n\ud83d\udccf Modified: 2025-01-08T20:30:37.679Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH\n2. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU", "creation_timestamp": "2025-01-08T21:14:48.000000Z"}, {"uuid": "29a5c3cd-936a-4878-9f2d-c0d6810a860f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20163", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1765", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco, \u0435\u0441\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 PoC\n\n\u0412\u0447\u0435\u0440\u0430 Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0434\u0435\u0441\u044f\u0442\u044c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0432 Identity Services Engine (ISE), Customer Collaboration Platform (CCP),  NDFC \u0438 Unified Communications. \u0414\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u0430\u0433\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d proof of concept, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043d\u0443\u0436\u043d\u043e \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c CVE-2025-20286 \u0441 CVSS 9.9, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 Cisco ISE 3.1-3.4, \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442\u044b\u0435 \u0432 AWS, Azure \u0438\u043b\u0438 OCI. \u0421\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 ISE, \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442\u044b\u0445 \u0443 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0430\u0432\u0434\u0430, \u0434\u0435\u0444\u0435\u043a\u0442 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0442\u043e\u043b\u044c\u043a\u043e \u0435\u0441\u043b\u0438 \u0432 \u043e\u0431\u043b\u0430\u043a\u0435 \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0443\u0437\u0435\u043b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u044b \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0441\u0431\u0440\u043e\u0441\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a.\n\n\u0415\u0449\u0451 \u0434\u0432\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c PoC (\u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430):\nCVE-2025-20130 (CVSS 4.9) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco ISE\nCVE-2025-20129 (CVSS 4.3) \u2014 \u0443\u0442\u0435\u0447\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 Cisco Customer Collaboration Platform (\u0432 \u0434\u0435\u0432\u0438\u0447\u0435\u0441\u0442\u0432\u0435 SocialMiner).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 PoC:\nCVE-2025-20261 (CVSS 8.8) \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Cisco IMC \u0447\u0435\u0440\u0435\u0437 SSH\nCVE-2025-20163 (CVSS 8.7) \u2014 \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0438 \u043a Nexus Dashboard Fabric \u0447\u0435\u0440\u0435\u0437 SSH.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-06-05T14:01:48.000000Z"}, {"uuid": "e39a8305-a5d2-4b59-9845-922cfd3396e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://t.me/cvedetector/16126", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20165 - \"Cisco BroadWorks SIP Processing Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-20165 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition.  \n  \nThis vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. A successful exploit could allow the attacker to exhaust the memory that was allocated to the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, resulting in a DoS condition that requires manual intervention to recover. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:30.000000Z"}, {"uuid": "90faa58d-2e1d-4d80-88a6-2547c4d1dc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113793626771738794", "content": "", "creation_timestamp": "2025-01-08T16:15:48.187527Z"}, {"uuid": "3d5c5f1c-5d55-4354-a0fd-691e1fa4baad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113793626771738794", "content": "", "creation_timestamp": "2025-01-08T16:15:48.219504Z"}, {"uuid": "08339d4c-5e0a-447e-9643-6ede7f3cd965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113793626771738794", "content": "", "creation_timestamp": "2025-01-08T16:15:48.246131Z"}, {"uuid": "a2c4e6db-d9c2-4705-9015-f6ba3d6d85b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113793673111799579", "content": "", "creation_timestamp": "2025-01-08T16:27:35.109080Z"}, {"uuid": "421c968a-c7e0-4a80-8f58-22ff96936e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113793673125650092", "content": "", "creation_timestamp": "2025-01-08T16:27:35.446103Z"}, {"uuid": "34ea305f-d076-42fc-8b93-0ef73f1637b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113793673139597116", "content": "", "creation_timestamp": "2025-01-08T16:27:36.274280Z"}, {"uuid": "bd26f01d-e11a-4890-a36a-d3f3e69cec9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfapmjegmi2h", "content": "", "creation_timestamp": "2025-01-08T17:43:08.889100Z"}, {"uuid": "d4b2e1fe-15fc-4a80-81b6-4521e9660903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfapmjlidu2q", "content": "", "creation_timestamp": "2025-01-08T17:43:09.896330Z"}, {"uuid": "c854037b-4c69-409b-8670-0ec11cfc363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfapmjopda2q", "content": "", "creation_timestamp": "2025-01-08T17:43:10.366041Z"}, {"uuid": "9aaa2c36-c48c-4522-886b-9c581487e92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfgg7slnw222", "content": "", "creation_timestamp": "2025-01-11T00:11:02.152192Z"}, {"uuid": "974273ae-f05a-4fce-96d7-b6c1393c7a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfgg7slnw222", "content": "", "creation_timestamp": "2025-01-11T00:11:02.201331Z"}, {"uuid": "a3901353-e3b6-4d84-883d-5edb5c34dd60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfgg7slnw222", "content": "", "creation_timestamp": "2025-01-11T00:11:02.250222Z"}, {"uuid": "fd333da1-ca6f-4602-a71a-8293524ef6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20169", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhhfwgwygf2z", "content": "", "creation_timestamp": "2025-02-05T20:28:46.542115Z"}, {"uuid": "7690bd82-bdb8-432e-a1d0-7b1480dc07a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20169", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhh35luk6r2c", "content": "", "creation_timestamp": "2025-02-05T17:15:53.954988Z"}, {"uuid": "e56b6010-769d-46ee-9513-35ebba7ce2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://threatintel.cc/2025/01/23/cisco-warns-of-denial-of.html", "content": "", "creation_timestamp": "2025-01-23T13:23:02.000000Z"}, {"uuid": "65e2bb67-75f0-475e-bb5e-b7118382e883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20163", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqshhydu5c2s", "content": "", "creation_timestamp": "2025-06-04T18:42:29.243414Z"}, {"uuid": "13f4c1e8-a8e0-4c14-a0ae-0b23940b7b45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20161", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:45.000000Z"}, {"uuid": "e6340d03-b9f8-4701-8b34-77d5c3e30ec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20161", "type": "seen", "source": "https://t.me/cvedetector/18939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20161 - Cisco Nexus 3000/9000 Series Switches NX-OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20161 \nPublished : Feb. 26, 2025, 5:15 p.m. | 1\u00a0hour, 30\u00a0minutes ago \nDescription : A vulnerability in the software upgrade process of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker with valid Administrator credentials to execute a command injection attack on the underlying operating system of an affected device.  \n  \nThis vulnerability is due to insufficient validation of specific elements within a software image. An attacker could exploit this vulnerability by installing a crafted image. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.\u00a0  \nNote: Administrators should validate the hash of any software image before installation. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-26T20:08:12.000000Z"}, {"uuid": "d2846636-4c59-4a0e-8fb6-ed7b7aa85e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/842", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20168\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\n\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.\nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-01-08T16:19:28.312Z\n\ud83d\udccf Modified: 2025-01-08T20:36:51.770Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH\n2. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU", "creation_timestamp": "2025-01-08T21:14:12.000000Z"}, {"uuid": "f2204f1d-6b34-4061-9622-f0f1c29999fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/843", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20167\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\n\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.\nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-01-08T16:19:19.794Z\n\ud83d\udccf Modified: 2025-01-08T20:34:39.917Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH\n2. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU", "creation_timestamp": "2025-01-08T21:14:18.000000Z"}, {"uuid": "45281f99-9666-4500-b9bc-8f5ec9ca4574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6649", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e EoP-\u043e\u0448\u0438\u0431\u043a\u0443 \u0432 Meeting Management \u0438 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 ClamAV, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20156 (CVSS 9,9), \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 REST API Meeting Management \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c REST API.\n\n\u0412\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043c\u043e\u0436\u043d\u043e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u044b API \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430\u0434 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u043c\u0438 \u0443\u0437\u043b\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f Cisco Meeting Management.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0441\u0435  \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 Meeting Management, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0432 Meeting Management \u0432\u0435\u0440\u0441\u0438\u0438 3.9.1.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0435\u0440\u0441\u0438\u0438 3.8 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e. \u0412\u0435\u0440\u0441\u0438\u044f 3.10 \u043d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Cisco \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 CVE-2025-20165 - \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 SIP Cisco BroadWorks, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b SIP \u043d\u0435 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0438\u0445 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0435 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c, \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c BroadWorks, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u043c SIP-\u0442\u0440\u0430\u0444\u0438\u043a, \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS, \u0434\u043b\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0440\u0443\u0447\u043d\u043e\u0435 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 BroadWorks RI.2024.11. \u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435\u0442.\n\nCisco \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 PoC \u0434\u043b\u044f \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Object Linking and Embedding 2 (OLE2) ClamAV \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20128.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u043f\u0440\u0438 \u0447\u0442\u0435\u043d\u0438\u0438, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u044b\u043c \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u043e\u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0433\u0440\u0430\u043d\u0438\u0446. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 OLE2. \u041f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 ClamAV \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nCisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Secure Endpoint Connector \u0434\u043b\u044f Linux (1.25.1), macOS (1.24.4), Windows (7.5.20 \u0438 8.4.3) \u0438 cloud (4.2.0).\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u0431\u0449\u0430\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435 \u0441\u0442\u0440\u0430\u0434\u0430\u0435\u0442.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.", "creation_timestamp": "2025-01-23T13:52:14.000000Z"}, {"uuid": "089b3ea4-731c-44d9-af08-6f82c596eb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2016", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-117/", "content": "", "creation_timestamp": "2025-03-10T04:00:00.000000Z"}, {"uuid": "f6b0fc69-44ef-48ff-8479-c1a1902639c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20164", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lom2f5wvql2p", "content": "", "creation_timestamp": "2025-05-07T18:41:55.382979Z"}, {"uuid": "581e3cdb-1e59-471a-bc4e-30e71da712b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20162", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lom2f6b4ir2l", "content": "", "creation_timestamp": "2025-05-07T18:41:57.043186Z"}, {"uuid": "2367ecc0-c002-4e53-a87f-7580abff80fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20160", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lzwck75oq22m", "content": "", "creation_timestamp": "2025-09-28T20:11:46.924153Z"}, {"uuid": "7e061b1c-2172-4e45-a1d4-b234dd0647d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2016", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "8f05ae94-7304-4557-b572-5786ec6d2f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20161", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:23.000000Z"}, {"uuid": "a2bade36-48a1-4fe7-8fe7-1e5d9c41fbed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20163", "type": "seen", "source": "https://t.me/ViralCyber/14217", "content": "\u0627\u0634\u06a9\u0627\u0644\u0627\u062a \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0633\u06cc\u0633\u06a9\u0648\u060c \u06cc\u06a9 \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645\u06cc \u0639\u0645\u0648\u0645\u06cc \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f\n\n\u0633\u06cc\u0633\u06a9\u0648 \u062f\u06cc\u0631\u0648\u0632 \u062f\u0647 \u0628\u0648\u0644\u062a\u0646 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u0648 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0645\u0648\u062a\u0648\u0631 \u062e\u062f\u0645\u0627\u062a \u0647\u0648\u06cc\u062a (ISE)\u060c \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0645\u06a9\u0627\u0631\u06cc \u0645\u0634\u062a\u0631\u06cc (CCP)\u060c NDFC \u0648 \u0627\u0631\u062a\u0628\u0627\u0637\u0627\u062a \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f. \u0627\u062b\u0628\u0627\u062a \u0627\u062f\u0639\u0627 \u0628\u0631\u0627\u06cc \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u06cc\u06a9 \u0645\u0648\u0631\u062f \u0628\u062d\u0631\u0627\u0646\u06cc\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0627\u06cc\u062f \u0639\u062c\u0644\u0647 \u06a9\u0646\u0646\u062f \u0648 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u0646\u062f.\n\n\u0645\u0647\u0645\u200c\u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u0628\u0627\u06cc\u062f \u0628\u0631\u0637\u0631\u0641 \u0634\u0648\u062f \u060c CVE-2025-20286 \u0628\u0627 CVSS 9.9 \u0627\u0633\u062a \u06a9\u0647 Cisco ISE 3.1-3.4 \u0645\u0633\u062a\u0642\u0631 \u062f\u0631 AWS\u060c Azure \u06cc\u0627 OCI \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f. \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0627\u0633\u062a\u0627\u062a\u06cc\u06a9 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u062f\u0631 ISE\u0647\u0627\u06cc \u0645\u0633\u062a\u0642\u0631 \u0628\u0631\u0627\u06cc \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0645\u062e\u062a\u0644\u0641 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f\u060c \u0627\u06af\u0631\u0686\u0647 \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0641\u0642\u0637 \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u0642\u0627\u0628\u0644 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u06af\u0631\u0647 \u0627\u062f\u0645\u06cc\u0646 \u0627\u0635\u0644\u06cc \u062f\u0631 \u0627\u0628\u0631 \u0645\u0633\u062a\u0642\u0631 \u0628\u0627\u0634\u062f.\n\n\u0628\u0631\u0627\u06cc \u06a9\u0633\u0627\u0646\u06cc \u06a9\u0647 \u0646\u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0648\u0635\u0644\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f\u060c \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u067e\u06cc\u0634\u06af\u06cc\u0631\u0627\u0646\u0647 \u0627\u0632 \u062c\u0645\u0644\u0647 \u062a\u0646\u0638\u06cc\u0645 \u0645\u062c\u062f\u062f \u06a9\u0627\u0645\u0644 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u062f\u0648 \u0646\u0642\u0635 \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0627\u062b\u0628\u0627\u062a \u0627\u062f\u0639\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0647\u0646\u0648\u0632 \u0647\u06cc\u0686 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u062e\u0631\u0628\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a):\nCVE-2025-20130 (CVSS 4.9) - \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0622\u067e\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc Cisco ISE\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2025-20129 (CVSS 4.3) \u06cc\u06a9 \u0646\u0634\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0632 \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0645\u06a9\u0627\u0631\u06cc \u0645\u0634\u062a\u0631\u06cc \u0633\u06cc\u0633\u06a9\u0648 (\u06a9\u0647 \u0642\u0628\u0644\u0627\u064b SocialMiner \u0646\u0627\u0645 \u062f\u0627\u0634\u062a) \u0627\u0633\u062a.\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u062f\u0648\u0646 \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645\u06cc:\nCVE-2025-20261 (CVSS 8.8) - \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u0645\u062a\u06cc\u0627\u0632 Cisco IMC \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH\nCVE-2025-20163 (CVSS 8.7) - \u062c\u0639\u0644 \u0647\u0648\u06cc\u062a \u0647\u0646\u06af\u0627\u0645 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 Nexus Dashboard Fabric \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH.\n\n\n\u00a0\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2025-06-14T08:13:36.000000Z"}, {"uuid": "d5d06c50-67ed-48e3-893f-63bb644bf770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20165", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2578", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20165\n\ud83d\udd39 Description: A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. A successful exploit could allow the attacker to exhaust the memory that was allocated to the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, resulting in a DoS condition that requires manual intervention to recover.\n\ud83d\udccf Published: 2025-01-22T16:21:30.377Z\n\ud83d\udccf Modified: 2025-01-22T16:49:20.441Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-sip-dos-mSySbrmt\n2. https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html\n3. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA", "creation_timestamp": "2025-01-22T17:01:50.000000Z"}, {"uuid": "2575fac9-bb12-4088-abac-0c7fbae3ad2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20161", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5520", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20161\n\ud83d\udd25 CVSS Score: 5.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability in the software upgrade process of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker with valid Administrator credentials to execute a command injection attack on the underlying operating system of an affected device.\n\nThis vulnerability is due to insufficient validation of specific elements within a software image. An attacker could exploit this vulnerability by installing a crafted image. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.&nbsp;\nNote: Administrators should validate the hash of any software image before installation.\n\ud83d\udccf Published: 2025-02-26T16:12:03.165Z\n\ud83d\udccf Modified: 2025-02-26T16:12:03.165Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ici-dpOjbWxk", "creation_timestamp": "2025-02-26T16:24:12.000000Z"}, {"uuid": "397df914-8c40-4cf9-a7ff-de536807f3fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20164", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20164\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacker to elevate privileges.\n This vulnerability is due to insufficient validation of authorizations for authenticated users. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to elevate privileges to privilege level 15.\n To exploit this vulnerability, the attacker must have valid credentials for a user account with privilege level 5 or higher. Read-only DM users are assigned privilege level 5.\n\ud83d\udccf Published: 2025-05-07T17:36:33.740Z\n\ud83d\udccf Modified: 2025-05-08T03:56:33.406Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3", "creation_timestamp": "2025-05-08T04:22:50.000000Z"}, {"uuid": "65feee88-64bd-4da2-ade2-cbb0ce4039fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20166", "type": "seen", "source": "https://t.me/cvedetector/14698", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20166 - Cisco CSPC Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20166 \nPublished : Jan. 8, 2025, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.  \n  \nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.  \nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T19:09:28.000000Z"}, {"uuid": "b8044ac8-9003-4bb1-9ad5-52a69c7ac26f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20168", "type": "seen", "source": "https://t.me/cvedetector/14697", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20168 - Cisco Common Services Platform Collector Critical XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20168 \nPublished : Jan. 8, 2025, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.  \n  \nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.  \nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T19:09:27.000000Z"}, {"uuid": "826d7f39-a956-4fbb-9357-1f174632012a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20167", "type": "seen", "source": "https://t.me/cvedetector/14696", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20167 - Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20167 \nPublished : Jan. 8, 2025, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.  \n  \nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.  \nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T19:09:26.000000Z"}]}