CVE-2025-20306

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.

This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.

Published: Aug 14, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-20306
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWEs:

CWE-77

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
cisco / secure_firewall_management_center	6.2.3	6.2.3.x
cisco / secure_firewall_management_center	6.2.3.1	6.2.3.1.x
cisco / secure_firewall_management_center	6.2.3.2	6.2.3.2.x
cisco / secure_firewall_management_center	6.2.3.3	6.2.3.3.x
cisco / secure_firewall_management_center	6.2.3.4	6.2.3.4.x
cisco / secure_firewall_management_center	6.2.3.5	6.2.3.5.x
cisco / secure_firewall_management_center	6.2.3.6	6.2.3.6.x
cisco / secure_firewall_management_center	6.2.3.7	6.2.3.7.x
cisco / secure_firewall_management_center	6.2.3.8	6.2.3.8.x
cisco / secure_firewall_management_center	6.2.3.9	6.2.3.9.x
cisco / secure_firewall_management_center	6.2.3.10	6.2.3.10.x
cisco / secure_firewall_management_center	6.2.3.11	6.2.3.11.x
cisco / secure_firewall_management_center	6.2.3.12	6.2.3.12.x
cisco / secure_firewall_management_center	6.2.3.13	6.2.3.13.x
cisco / secure_firewall_management_center	6.2.3.14	6.2.3.14.x
cisco / secure_firewall_management_center	6.2.3.15	6.2.3.15.x
cisco / secure_firewall_management_center	6.2.3.16	6.2.3.16.x
cisco / secure_firewall_management_center	6.2.3.17	6.2.3.17.x
cisco / secure_firewall_management_center	6.2.3.18	6.2.3.18.x
cisco / secure_firewall_management_center	6.4.0	6.4.0.x
cisco / secure_firewall_management_center	6.4.0.1	6.4.0.1.x
cisco / secure_firewall_management_center	6.4.0.2	6.4.0.2.x
cisco / secure_firewall_management_center	6.4.0.3	6.4.0.3.x
cisco / secure_firewall_management_center	6.4.0.4	6.4.0.4.x
cisco / secure_firewall_management_center	6.4.0.5	6.4.0.5.x
cisco / secure_firewall_management_center	6.4.0.6	6.4.0.6.x
cisco / secure_firewall_management_center	6.4.0.7	6.4.0.7.x
cisco / secure_firewall_management_center	6.4.0.8	6.4.0.8.x
cisco / secure_firewall_management_center	6.4.0.9	6.4.0.9.x
cisco / secure_firewall_management_center	6.4.0.10	6.4.0.10.x
cisco / secure_firewall_management_center	6.4.0.11	6.4.0.11.x
cisco / secure_firewall_management_center	6.4.0.12	6.4.0.12.x
cisco / secure_firewall_management_center	6.4.0.13	6.4.0.13.x
cisco / secure_firewall_management_center	6.4.0.14	6.4.0.14.x
cisco / secure_firewall_management_center	6.4.0.15	6.4.0.15.x
cisco / secure_firewall_management_center	6.4.0.16	6.4.0.16.x
cisco / secure_firewall_management_center	6.4.0.17	6.4.0.17.x
cisco / secure_firewall_management_center	6.4.0.18	6.4.0.18.x
cisco / secure_firewall_management_center	6.6.0	6.6.0.x
cisco / secure_firewall_management_center	6.6.0.1	6.6.0.1.x
cisco / secure_firewall_management_center	6.6.1	6.6.1.x
cisco / secure_firewall_management_center	6.6.3	6.6.3.x
cisco / secure_firewall_management_center	6.6.4	6.6.4.x
cisco / secure_firewall_management_center	6.6.5	6.6.5.x
cisco / secure_firewall_management_center	6.6.5.1	6.6.5.1.x
cisco / secure_firewall_management_center	6.6.5.2	6.6.5.2.x
cisco / secure_firewall_management_center	6.6.7	6.6.7.x
cisco / secure_firewall_management_center	6.6.7.1	6.6.7.1.x
cisco / secure_firewall_management_center	6.6.7.2	6.6.7.2.x
cisco / secure_firewall_management_center	7.0.0	7.0.0.x
cisco / secure_firewall_management_center	7.0.0.1	7.0.0.1.x
cisco / secure_firewall_management_center	7.0.1	7.0.1.x
cisco / secure_firewall_management_center	7.0.1.1	7.0.1.1.x
cisco / secure_firewall_management_center	7.0.2	7.0.2.x
cisco / secure_firewall_management_center	7.0.2.1	7.0.2.1.x
cisco / secure_firewall_management_center	7.0.3	7.0.3.x
cisco / secure_firewall_management_center	7.0.4	7.0.4.x
cisco / secure_firewall_management_center	7.0.5	7.0.5.x
cisco / secure_firewall_management_center	7.0.6	7.0.6.x
cisco / secure_firewall_management_center	7.0.6.1	7.0.6.1.x
cisco / secure_firewall_management_center	7.0.6.2	7.0.6.2.x
cisco / secure_firewall_management_center	7.0.6.3	7.0.6.3.x
cisco / secure_firewall_management_center	7.0.7	7.0.7.x
cisco / secure_firewall_management_center	7.1.0	7.1.0.x
cisco / secure_firewall_management_center	7.1.0.1	7.1.0.1.x
cisco / secure_firewall_management_center	7.1.0.2	7.1.0.2.x
cisco / secure_firewall_management_center	7.1.0.3	7.1.0.3.x
cisco / secure_firewall_management_center	7.2.0	7.2.0.x
cisco / secure_firewall_management_center	7.2.0.1	7.2.0.1.x
cisco / secure_firewall_management_center	7.2.1	7.2.1.x
cisco / secure_firewall_management_center	7.2.2	7.2.2.x
cisco / secure_firewall_management_center	7.2.3	7.2.3.x
cisco / secure_firewall_management_center	7.2.3.1	7.2.3.1.x
cisco / secure_firewall_management_center	7.2.4	7.2.4.x
cisco / secure_firewall_management_center	7.2.4.1	7.2.4.1.x
cisco / secure_firewall_management_center	7.2.5	7.2.5.x
cisco / secure_firewall_management_center	7.2.5.1	7.2.5.1.x
cisco / secure_firewall_management_center	7.2.5.2	7.2.5.2.x
cisco / secure_firewall_management_center	7.2.6	7.2.6.x
cisco / secure_firewall_management_center	7.2.7	7.2.7.x
cisco / secure_firewall_management_center	7.2.8	7.2.8.x
cisco / secure_firewall_management_center	7.2.8.1	7.2.8.1.x
cisco / secure_firewall_management_center	7.2.9	7.2.9.x
cisco / secure_firewall_management_center	7.3.0	7.3.0.x
cisco / secure_firewall_management_center	7.3.1	7.3.1.x
cisco / secure_firewall_management_center	7.3.1.1	7.3.1.1.x
cisco / secure_firewall_management_center	7.3.1.2	7.3.1.2.x
cisco / secure_firewall_management_center	7.4.0	7.4.0.x
cisco / secure_firewall_management_center	7.4.1	7.4.1.x
cisco / secure_firewall_management_center	7.4.1.1	7.4.1.1.x
cisco / secure_firewall_management_center	7.4.2	7.4.2.x
cisco / secure_firewall_management_center	7.4.2.1	7.4.2.1.x
cisco / secure_firewall_management_center	7.4.2.2	7.4.2.2.x
cisco / secure_firewall_management_center	7.6.0	7.6.0.x
cisco / secure_firewall_management_center	7.7.0	7.7.0.x

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-HCRLpFyN

Vulnerability Database

311,379

CVE-2025-20306

Deep Security Visibility Without the Complexity