CVE-2012-0364 | Vulnerability Database | Aqua Security

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.

Affected Software

Name	Vendor	Start Version	End Version
Small_business_srp520_series_firmware	Cisco	*	1.01.24 (including)
Small_business_srp520_series_firmware	Cisco	1.01.01 (including)	1.01.01 (including)
Small_business_srp520_series_firmware	Cisco	1.01.09 (including)	1.01.09 (including)
Small_business_srp520_series_firmware	Cisco	1.01.11 (including)	1.01.11 (including)
Small_business_srp520_series_firmware	Cisco	1.01.19 (including)	1.01.19 (including)
Small_business_srp520_series_firmware	Cisco	1.01.23 (including)	1.01.23 (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
http://www.securitytracker.com/id?1026736

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0364
CWE	https://cwe.mitre.org/data/definitions/264.html