According to horizon 3 AnalysisA hard-coded JSON web token (JWT) is at the root of exploitation. “It is important to eliminate hard-coded mysteries from certification workflows, implement strong file upload verification and path sanitization, and maintains continuous monitoring and patch management in all important systems,” Barn said.
Hard-Coded JWT is allowed to detect
CVE-2025-20188 was tracked, the defect revealed in May was revealed to be one Issue Impressing the out-of-the-band access point (AP) download facility of Cisco iOS XE software for WLCs. The AP image download interface uses a hard-coded JWT for authentication, which an attacker can use to certify requests without a recognized credential.
Horizon 3 researchers Diffed to be To reach the file system content Lua script from ISO images, where notable changes were found. The script refers to both JWT tokens and the related key, which reflects their participation in vulnerability. Researchers then demonstrated a simple GREP search in the source code to determine how and where these Lua scripts were invited.
