CVE-2012-0365

CVE Database · CVE-2012-0365

CVE-2012-0365

· N/AModified

CVSS v3.1

N/A

EPSS

3.33%

Published

Feb 25, 2012

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.

Weaknesses (CWE)

CWE-22

Affected Products (18)

cisco · small_business_srp520_series_firmwarevulnerable

cisco · small_business_srp521wvulnerable

cisco · small_business_srp526wvulnerable

cisco · small_business_srp527wvulnerable

cisco · small_business_srp520-u_series_firmware

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500

Vendor Advisory

http://www.securitytracker.com/id?1026736

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500

Vendor Advisory

http://www.securitytracker.com/id?1026736

KEV Catalog EPSS Scores Vendors All CVEs