Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.
https://www.exploit-db.com/exploits/39904/
http://www.securitytracker.com/id/1034347
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr