CVE-2025-20344

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard (affected versions not specified)

Description: A vulnerability exists in the backup restore functionality of Cisco Nexus Dashboard that could allow an authenticated, remote attacker to conduct a path traversal attack. This is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this by restoring a crafted backup file, potentially gaining root privileges on the underlying shell of the affected device.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.