Five high-severity bugs have been found in Cisco routers, switches, IP cameras and Cisco IP phones. The vulnerabilities reside in the implementations of the Cisco Discovery Protocol (CDP). It comes enabled by default on all Cisco devices and can not be turned off.
The underlying CDP implementations contain buffer overflow and format string vulnerabilities. These could let hackers execute arbitrary code on the vulnerable devices by sending malicious unauthenticated CDP packets.