VDB
GCVE-110-NCSC-2025-264
GCVE-110-NCSC-2025-264
Advisory PublishedCVSS 7.7/10
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Weaknesses (CWE)
CWE-404Improper Resource Shutdown or ReleaseCWE-401Missing Release of Memory after Effective LifetimeCWE-415Double FreeCWE-835Loop with Unreachable Exit Condition ('Infinite Loop')CWE-20Improper Input ValidationCWE-643Improper Neutralization of Data within XPath Expressions ('XPath Injection')CWE-284Improper Access ControlCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-146Improper Neutralization of Expression/Command DelimitersCWE-1244Internal Asset Exposed to Unsafe Debug Access Level or StateCWE-1287Improper Validation of Specified Type of InputCWE-680Integer Overflow to Buffer OverflowCWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CWE-229Improper Handling of ValuesCWE-862Missing AuthorizationCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')
Risk Scores
CVSS 3.1
7.7/10
High · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Cisco | vers:unknown/7.7.0 | — | — |
| Cisco | vers:unknown/9.23.1 | — | — |
| Cisco | vers:cisco/unknown | — | — |
Aliases
CVE-2025-20127CVE-2025-20133CVE-2025-20134CVE-2025-20135CVE-2025-20136CVE-2025-20148CVE-2025-20217CVE-2025-20218CVE-2025-20219CVE-2025-20220CVE-2025-20222CVE-2025-20224CVE-2025-20225CVE-2025-20235CVE-2025-20237CVE-2025-20238CVE-2025-20239CVE-2025-20243CVE-2025-20244CVE-2025-20251CVE-2025-20252CVE-2025-20253CVE-2025-20254CVE-2025-20263CVE-2025-20265CVE-2025-20268CVE-2025-20301CVE-2025-20302CVE-2025-20306
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.