Cisco Security Advisory Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability High Advisory ID: cisco-sa-20170322-caf2 First Published: 2017 March 22 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCuy52317 CVE-2017-3852 CWE-20 CVSS Score: Base 8.1. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files.”]
Source: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2