Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0365

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-0365
Last Modified 06 Mar 2012 12:00:00
Published 24 Feb 2012 11:21:42
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-0365

Summary

Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.

Vulnerable Systems

Application

  • Cisco Small Business Srp520 Series Firmware 1.01.01

  • Cisco Small Business Srp520 Series Firmware 1.01.09

  • Cisco Small Business Srp520 Series Firmware 1.01.11

  • Cisco Small Business Srp520 Series Firmware 1.01.19

  • Cisco Small Business Srp520 Series Firmware 1.01.23

  • Cisco Small Business Srp520 Series Firmware 1.01.24

  • Cisco Small Business Srp520-u Series Firmware 1.1.0

  • Cisco Small Business Srp520-u Series Firmware 1.2.4

  • Cisco Small Business Srp540 Series Firmware 1.02.00.023

  • Cisco Small Business Srp540 Series Firmware 1.02.01


References

CISCO - 20120223 Cisco Small Business SRP 500 Series Multiple Vulnerabilities


Last Updated: 27 May 2016 10:58:20