PT-2012-2524 · Cisco · Cisco Srp 520W-U+2

Published

2012-02-25

Updated

2018-01-04

CVE-2012-0365

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco SRP 520 series devices versions prior to 1.1.26 Cisco SRP 520W-U and 540 series devices versions prior to 1.2.4

Description A directory traversal issue exists in the Local TFTP file-upload application, allowing remote authenticated users to upload software to arbitrary directories.

Recommendations For Cisco SRP 520 series devices, update to firmware version 1.1.26 or later. For Cisco SRP 520W-U and 540 series devices, update to firmware version 1.2.4 or later.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2012-0365

Affected Products

Cisco Srp 520 Series

Cisco Srp 520W-U

Cisco Srp 540 Series

PT-2012-2524 · Cisco · Cisco Srp 520W-U+2

CVE-2012-0365

Weakness Enumeration

Related Identifiers

Affected Products

References · 3