The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node.
Execute arbitrary commands
Cisco Webex Video Mesh Software releases earlier than 2019.09.19.1956m
Please see vendor’s advisory for more details.