A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, rem