CVE-2012-0364

EUVD-2012-0400
Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:C/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
ciscosmall_business_srp520_series_firmware
𝑥
≤ 1.01.24
ciscosmall_business_srp520_series_firmware
1.01.01
ciscosmall_business_srp520_series_firmware
1.01.09
ciscosmall_business_srp520_series_firmware
1.01.11
ciscosmall_business_srp520_series_firmware
1.01.19
ciscosmall_business_srp520_series_firmware
1.01.23
ciscosmall_business_srp521w
*
ciscosmall_business_srp526w
*
ciscosmall_business_srp527w
*
ciscosmall_business_srp520-u_series_firmware
1.1.0
ciscosmall_business_srp521w-u
*
ciscosmall_business_srp526w-u
*
ciscosmall_business_srp527w-u
*
ciscosmall_business_srp540_series_firmware
𝑥
≤ 1.02.01
ciscosmall_business_srp540_series_firmware
1.02.00.023
ciscosmall_business_srp541w
*
ciscosmall_business_srp546w
*
ciscosmall_business_srp547w
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736