Remote Configuration Vulnerability in Cisco SRP Series Devices
CVE-2012-0364

Currently unrated

Key Information:

Vendor: Cisco
Status: Small Business Srp520 Series Firmware; Small Business Srp521w; Small Business Srp526w; Small Business Srp527w
Vendor: CVE Published:; 25 February 2012

Summary

Cisco SRP 520 and 540 series devices contain a vulnerability that allows remote attackers to replace the configuration file through an upload request to an unspecified URL. Devices running firmware versions earlier than 1.1.26 for the SRP 520 series and versions prior to 1.2.4 for the SRP 540 series are particularly at risk. This exposure can lead to unauthorized access and manipulation of device settings, compromising overall network security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1026736

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 25, 2012
Vulnerability Reserved
Jan 4, 2012