A high-severity flaw in Cisco s smart Wi-Fi solution for retailers could allow a remote attacker to alter the password of any account user on affected systems. The most serious flaw afflicts Cisco Connected Mobile Experiences (CMX), a software solution that is utilized by retailers to provide business insights or on-site customer experience analytics. The flaw ranks 8.8 out of 10 on the CVSS vulnerability scale, making it high severity. This included flaws found in Cisco’s AnyConnect Secure Mobility Client, as well as Cisco RV110W, RV130W and RV215W small business routers.
Source: https://threatpost.com/cisco-flaw-cmx-software-retailers/163027/