CVE-2025-20184

Name of the Vulnerable Software and Affected Versions: Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance (affected versions not specified)

Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This issue is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Recommendations: For Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance, consider disabling the web-based management interface until a patch is available. Restrict access to the management interface to minimize the risk of exploitation. Avoid uploading crafted XML configuration files to the affected device until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.