OS command injection in Cisco Systems, Inc products - CVE-2019-1839
Published: August 23, 2019 / Updated: August 26, 2019
Cisco Remote PHY Shelf 7200
Cisco Remote PHY 220
Cisco Remote PHY 120
Detailed vulnerability description
The vulnerability allows a local attacker to execute commands on the underlying Linux shell.
The vulnerability exists due to insufficient validation of user-supplied input. A local authenticated user can supply various CLI commands with crafted arguments, run arbitrary commands and take over the target system.