
U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands

November 3, 2011 - 8:15am


PROBLEM:

Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands.

PLATFORM:

The following models are affected when running firmware prior to version 1.1.24:
Cisco SRP521W
Cisco SRP526W
Cisco SRP527W

The following models are affected when running firmware prior to version 1.2.1:
Cisco SRP541W
Cisco SRP546W
Cisco SRP547W

ABSTRACT:

A remote user can create a URL that, when loaded by the target authenticated administrative user, will execute arbitrary commands on the target system.

REFERENCE LINKS:

Advisory ID: cisco-sa-20111102-srp500
SecurityTracker Alert ID: 1026266
Cisco Security Advisories and Responses
CVE-2011-4005

IMPACT ASSESSMENT:

High

Discussion:

A vulnerability was reported in the Cisco Small Business SRP500 Series Services Ready Platforms. A remote user can create a specially crafted URL that, when loaded by a target authenticated administrative user, will execute arbitrary operating system commands on the target system. The injected commands run with root privileges. A remote user who can conduct a man-in-the-middle attack against an authenticated administrator's session can also exploit this flaw by injecting commands into that session, again with root privileges.
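The following Python is an added illustration of the bug class described above, not code from the SRP500 firmware or from Cisco: a management handler splices a URL query parameter into an OS command, so a link the attacker prepares in advance runs an attacker-chosen command when a logged-in administrator loads it. The endpoint path, the parameter names, the session token and the crafted URL are all hypothetical. The hardened form shows the two checks that break the attack as described: an anti-CSRF token the attacker cannot know when building the link, and an allowlist on the parameter combined with running the program without a shell.

```python
"""
Added illustration of the vulnerability class in the advisory (not SRP500
firmware code): a management handler that splices a URL parameter into an
OS command, so a crafted link loaded by a logged-in administrator runs an
attacker-chosen command as the web server's user (root on the device).
The endpoint path, parameter names and the crafted URL are hypothetical.
"""
import hmac
import re
from urllib.parse import parse_qs, urlsplit

# Constructed link of the kind the advisory describes: a legitimate-looking
# value followed by a shell metacharacter and a second command.
CRAFTED_URL = "http://192.0.2.1/diag.cgi?host=203.0.113.5|reboot"


def _query_param(url, name):
    """Return the first value of query parameter `name`, or '' if absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def build_command_vulnerable(url):
    """Vulnerable pattern: the untrusted value is concatenated into a shell
    command line that the firmware would hand to a shell as root.
    The string is returned rather than executed so the example is safe to run."""
    host = _query_param(url, "host")
    return "ping -c 3 " + host


# Allowlist for a hostname or IP literal: no whitespace, no shell metacharacters.
HOST_RE = re.compile(r"[A-Za-z0-9.:\-]{1,253}")


def build_command_hardened(url, expected_csrf_token):
    """Hardened pattern. Raises ValueError instead of building a command when
    the request fails either check:
      1. a per-session anti-CSRF token must be present and correct, so a link
         crafted by a third party cannot carry it (a real handler would take it
         from a POST body rather than the query string);
      2. the parameter must match a strict allowlist.
    Returns an argv list: executing it with subprocess.run(argv), i.e. without
    a shell, means even a value that slipped past the regex could not start a
    second command."""
    token = _query_param(url, "csrf")
    if not hmac.compare_digest(token, expected_csrf_token):
        raise ValueError("missing or incorrect anti-CSRF token")
    host = _query_param(url, "host")
    if not HOST_RE.fullmatch(host):
        raise ValueError("host parameter contains disallowed characters")
    return ["ping", "-c", "3", host]


def is_rejected(url, expected_csrf_token):
    """True if the hardened handler refuses to build a command for `url`."""
    try:
        build_command_hardened(url, expected_csrf_token)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable handler would run:", build_command_vulnerable(CRAFTED_URL))
    print("hardened handler rejects crafted link:", is_rejected(CRAFTED_URL, "s3ss10n"))
    good = "http://192.0.2.1/diag.cgi?host=203.0.113.5&csrf=s3ss10n"
    print("hardened handler argv:", build_command_hardened(good, "s3ss10n"))
```

The token check is what defeats the "crafted URL loaded by an authenticated administrator" vector, since the attacker who writes the link cannot include a value tied to the victim's session; the allowlist and shell-free execution are what remove the command injection itself, which is the only thing that helps against the man-in-the-middle vector, where the attacker is already inside the authenticated session and any token would be visible to them.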

Impact:

A remote user can create a URL that, when loaded by the target authenticated administrative user, will execute arbitrary commands on the target system.

Solution:

Cisco has released free software updates that address this vulnerability. Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Until the fixed firmware is installed, limiting access to the device's management interface to trusted hosts and networks reduces exposure to both the crafted-URL and the man-in-the-middle vectors, but does not remove the flaw.
