The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco telepresence system software 1.2.3 |
||
cisco telepresence system software 1.3.2 |
||
cisco telepresence system software 1.4.7 |
||
cisco telepresence system software 1.5.1 |
||
cisco telepresence system software 1.5.3 |
||
cisco telepresence system software 1.5.10 |
||
cisco telepresence system software 1.5.11 |
||
cisco telepresence system software 1.5.12 |
||
cisco telepresence system software 1.5.13 |
||
cisco telepresence system 1000 |
||
cisco telepresence system 1100 |
||
cisco telepresence system 3000 |
||
cisco telepresence system 1300 series |
||
cisco telepresence system 3200 series |
||
cisco telepresence system 500 series |