Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333.
CPE | Name | Operator | Version |
---|---|---|---|
telepresence_video_communication_server_software | eq | 8.5.2120 |