Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware prior to 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware prior to 1.2.1 allows remote malicious users to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco small_business_srp521w |
||
cisco small_business_srp526w |
||
cisco small_business_srp527w |
||
cisco small_business_srp520_series_firmware |
||
cisco small_business_srp520_series_firmware 1.01.19_mr3 |
||
cisco small_business_srp520_series_firmware 1.01.01 |
||
cisco small_business_srp520_series_firmware 1.00.06 |
||
cisco small_business_srp546w |
||
cisco small_business_srp547w |
||
cisco small_business_srp541w |
||
cisco small_business_srp540_series_firmware |
||
cisco small_business_srp540_series_firmware 1.02.00 |
Vulmon