Mirai Botnet aka Katana – Active IOCs
May 12, 2025CVE-2025-4544 – D-Link DI-8100 Vulnerability
May 12, 2025Mirai Botnet aka Katana – Active IOCs
May 12, 2025CVE-2025-4544 – D-Link DI-8100 Vulnerability
May 12, 2025Severity
High
Analysis Summary
CVE-2025-20189 CVSS:7.4
A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition.
CVE-2025-20190 CVSS:6.5
A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users defined on an affected device.
CVE-2025-20155 CVSS:6
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system.
CVE-2025-20162 CVSS:8.6
A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition.
CVE-2025-20186 CVSS:8.8
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device.
Impact
- Denial of Service
- Code Execution
Indicators of Compromise
CVE
- CVE-2025-20189
- CVE-2025-20190
- CVE-2025-20155
- CVE-2025-20162
- CVE-2025-20186
Affected Vendors
- Cisco
Affected Products
- Cisco IOS XE Software
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.