How severe is CVE-2025-20183?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2025-20183?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2025-20183 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.

Related Vulnerabilities

CVE-2015-7282

MEDIUM

CVSS:5.8(Medium)

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the des...

CWE-202015

CVE-2015-7794

MEDIUM

CVSS:5.8(Medium)

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.

CWE-202015

CVE-2017-0179

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a...

CWE-202017

CVE-2017-0182

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server ...

CWE-202017

CVE-2017-0183

MEDIUM

CVSS:5.8(Medium)

CWE-202017

CVE-2017-0185

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fai...

CWE-202017