Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 01:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500 - Vendor Advisory | |
References | () http://www.securitytracker.com/id?1026736 - |
Information
Published : 2012-02-25 04:21
Updated : 2024-11-21 01:34
NVD link : CVE-2012-0365
Mitre link : CVE-2012-0365
CVE.ORG link : CVE-2012-0365
JSON object : View
Products Affected
cisco
- small_business_srp526w-u
- small_business_srp521w-u
- small_business_srp527w-u
- small_business_srp520_series_firmware
- small_business_srp547w
- small_business_srp520-u_series_firmware
- small_business_srp527w
- small_business_srp540_series_firmware
- small_business_srp541w
- small_business_srp521w
- small_business_srp526w
- small_business_srp546w
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')