Full title: LifeSize UVC Authenticated Remote Command Execution 
Category: remote exploits
Platform: php
When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user (or equivalent).

# 0day.today @ http://0day.today/