{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T02:26:49.796","vulnerabilities":[{"cve":{"id":"CVE-2025-20268","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:39.903","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region.\r\n\r\nThis vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied."},{"lang":"es","value":"Una vulnerabilidad en la función VPN de acceso remoto (RA) basado en geolocalización del software Cisco Secure Firewall Threat Defense (FTD) podría permitir que un atacante remoto no autenticado eluda las políticas configuradas para permitir o denegar conexiones HTTP según un país o región. Esta vulnerabilidad existe porque la URL no se analiza completamente. Un atacante podría explotar esta vulnerabilidad enviando una conexión HTTP manipulada a través del dispositivo objetivo. Una explotación exitosa podría permitir al atacante eludir las políticas configuradas y obtener acceso a una red donde la conexión debería haber sido denegada."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-229"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ravpn-geobypass-9h38M37Z","source":"psirt@cisco.com"}]}}]}