Cisco has issued security updates to address 57 security flaws, including three flaws in networks management tool Prime Infrastructure. One of the flaws could be exploited by an unauthenticated attacker to execute arbitrary code with root privileges on PI devices. The flaws affect Cisco Prime Infrastructure Software releases prior to 3.4.1, 3.5, and 3.6, and EPN Manager Releases before 3.0.1. The vulnerabilities were discovered by Steven Seeley of Source Incite. The vulnerabilities exist because the software improperly validates user-supplied input.”]
Source: https://securityaffairs.co/wordpress/85718/hacking/prime-infrastructure-critical-flaw.html