CISCO published a security advisory related a Command Injection Vulnerability (CVE-2016-1297) affecting its product Cisco ACE 4710 Application Control Engine Command. The vulnerability was reported to the company by Jan Kadijk, an expert at Warpnet BV. The vulnerability is due to insufficient validation of user-supplied input. The company has already released the security patches and suggested as a workaround to disable the Device Manager GUI. There is no evidence that the flaw has been exploited in the wild.”]
Source: https://securityaffairs.co/wordpress/44807/hacking/cisco-ace-4710-products.html

