Cisco Unified Contact Center Express
cpe:2.3:a:cisco:unified_ccx:*:*:*:*:*:*:*
- < 15.0
- <= 15.0
A path traversal vulnerability has been identified in the web-based management interface of Cisco Unified Contact Center Express (CCX). This vulnerability allows an authenticated, local attacker with administrative credentials to execute arbitrary code on the affected device. The issue arises from improper restriction of file paths, enabling exploitation by sending a crafted web request followed by a specific command through an SSH session. The executed code runs on the underlying operating system as a low-privilege user, with the potential for privilege escalation to root.
Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code on the affected device's operating system, initially as a low-privilege user, with possibilities for escalating privileges to root.
Cisco has released software updates to address this vulnerability. Users are advised to consult the Cisco Security Advisories page for upgrade instructions and to ensure their devices have sufficient memory for the new release.