Network World

Cisco IoT wireless access points hit by severe command injection flaw

Cisco’s Ultra-Reliable Wireless Backhaul (URWB) hardware has been hit with a hard-to-ignore flaw that could allow attackers to hijack the access points’ web interface using a crafted HTTP request.
Dark Reading

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

One bug — CSCwc67015 — was spotted in yet-to-be-released code. It could have allowed hackers to remotely execute their own code, and potentially overwrite most of the files on the device. The second, ...
Bleeping Computer

Max severity Cisco ISE bug allows pre-auth command execution, patch now

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root ...