Hi @kendendoop,
I'm afraid no root access is needed to use this exploit. You just need to make an HTTP request.
You should really upgrade to the latest version, for many reasons, not only security but to protect against this particular exploit, you can simple remove the file /opt/kaltura/app/alpha/apps/kaltura/modules/keditorservices/actions/redirectWidgetCmdAction.class.php from your server. It shouldn't be used for anything useful, it's a left over from the very early days.
Thanks,