The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
https://exchange.xforce.ibmcloud.com/vulnerabilities/65605
http://www.securitytracker.com/id?1025114
http://www.securityfocus.com/bid/46522
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml