Cisco patched a 9.8/10 CVE yesterday — authentication bypass on IMC that gives full admin access with one HTTP request, no credentials needed