Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Cisco Subscribe
Filtered by product Small Business Srp520 Series Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0365 1 Cisco 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more 2024-02-04 9.0 HIGH N/A
Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.
CVE-2012-0364 1 Cisco 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more 2024-02-04 7.8 HIGH N/A
Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.
CVE-2011-4005 1 Cisco 8 Small Business Srp520 Series Firmware, Small Business Srp521w, Small Business Srp526w and 5 more 2024-02-04 9.3 HIGH N/A
Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124.
CVE-2012-0363 1 Cisco 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more 2024-02-04 9.0 HIGH N/A
The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID CSCtt46871.