CVE-2011-4005

Cisco Services Ready Platform - CSRF

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124.

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46664
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026266
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/50495
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71103

Scores

EPSS 0.0180
EPSS Percentile 75.9%

Details

CWE
CWE-352
Status published
Products (12)
cisco/small_business_srp520_series_firmware 1.00.06
cisco/small_business_srp520_series_firmware 1.01.01
cisco/small_business_srp520_series_firmware 1.01.19_mr3
cisco/small_business_srp520_series_firmware < 1.01.23
cisco/small_business_srp521w
cisco/small_business_srp526w
cisco/small_business_srp527w
cisco/small_business_srp540_series_firmware 1.02.00
cisco/small_business_srp540_series_firmware < 1.02.01_mr2
cisco/small_business_srp541w
... and 2 more
Published Nov 03, 2011
Tracked Since Feb 18, 2026