ID:1574 - Exploit for Command injection in Cisco Prime Infrastructure - CVE-2018-15379

Link to public exploit:

Vulnerability description

The vulnerability allows a remote unauthenticated attacker to execute arbitrary command on the target system.

The weakness exists in the HTTP web server for Cisco Prime Infrastructure (PI) due to incorrect permission setting for important system directories. A remote attacker can upload a malicious file by using TFTP, which can be accessed via the web-interface GUI, run arbitrary commands at the privilege level of the user prime and without authentication.

Remediation