The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.
Cisco SD-WAN Solution software release earlier than Release 19.2.2
Please see vendors advisory for the list of affected products and upgraded patches.