The issue lies in a parental-control function that’s always enabled by default, even if users don’t configure for child security.
https://threatpost.com/netgear-soho-security-bug-rce/174921/
Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.
https://threatpost.com/critical-cisco-contact-center-bug/177681/