The web interface on Cisco SRP 520 series devices with firmware prior to 1.1.26 and SRP 520W-U and 540 series devices with firmware prior to 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID CSCtt46871.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco small_business_srp520_series_firmware 1.01.23 |
||
cisco small_business_srp520_series_firmware 1.01.19 |
||
cisco small_business_srp520_series_firmware 1.01.11 |
||
cisco small_business_srp520_series_firmware |
||
cisco small_business_srp520_series_firmware 1.01.09 |
||
cisco small_business_srp520_series_firmware 1.01.01 |
||
cisco small_business_srp521w |
||
cisco small_business_srp526w |
||
cisco small_business_srp527w |
||
cisco small_business_srp520-u_series_firmware 1.1.0 |
||
cisco small_business_srp521w-u |
||
cisco small_business_srp526w-u |
||
cisco small_business_srp527w-u |
||
cisco small_business_srp540_series_firmware |
||
cisco small_business_srp540_series_firmware 1.02.00.023 |
||
cisco small_business_srp541w |
||
cisco small_business_srp546w |
||
cisco small_business_srp547w |
Vulmon