CVE-2019-1839

Name of the Vulnerable Software and Affected Versions Cisco Remote PHY Device Software (affected versions not specified)

Description The issue is related to insufficient input validation, which could allow an attacker to execute arbitrary commands on the underlying Linux shell with root privileges. This can be achieved by supplying crafted arguments to various CLI commands. A successful exploit could lead to complete system compromise.

Recommendations For Cisco Remote PHY Device Software, consider restricting access to the CLI to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using crafted arguments in CLI commands to reduce the risk of arbitrary command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.