CVE-2025-20221
published 2025-05-07CVE-2025-20221: A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters.
This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network.
Affected
179 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |
| cisco | cisco_ios_xe_software | — | — |