CVE-2020-3176

Name of the Vulnerable Software and Affected Versions Cisco Remote PHY Device Software (affected versions not specified)

Description A vulnerability in the software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The issue exists because the software does not properly sanitize user-supplied input. An attacker with valid administrator access could exploit this by supplying certain CLI commands with crafted arguments, potentially allowing them to run arbitrary commands as the root user and resulting in a complete system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.