CVE-2012-0364

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:C/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ciscosmall_business_srp520_series_firmware
𝑥
≤ 1.01.24
ciscosmall_business_srp520_series_firmware
1.01.01
ciscosmall_business_srp520_series_firmware
1.01.09
ciscosmall_business_srp520_series_firmware
1.01.11
ciscosmall_business_srp520_series_firmware
1.01.19
ciscosmall_business_srp520_series_firmware
1.01.23
ciscosmall_business_srp521w
*
ciscosmall_business_srp526w
*
ciscosmall_business_srp527w
*
ciscosmall_business_srp520-u_series_firmware
1.1.0
ciscosmall_business_srp521w-u
*
ciscosmall_business_srp526w-u
*
ciscosmall_business_srp527w-u
*
ciscosmall_business_srp540_series_firmware
𝑥
≤ 1.02.01
ciscosmall_business_srp540_series_firmware
1.02.00.023
ciscosmall_business_srp541w
*
ciscosmall_business_srp546w
*
ciscosmall_business_srp547w
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736