CVE-2017-15805
HIGHCisco Small Business SA520 and SA540 Firmware 2.1.71 and 2.2.0.7 - Path Traversal via thispage Parameter
Title source: llmDescription
Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.fwhibbit.es/lfi-en-cisco-small-business-sa500-series-cuando-la-seguridad-de-tu-red-esta-hecha-un-cisco
Scores
CVSS v3
7.5
EPSS
0.0218
EPSS Percentile
80.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (4)
cisco/small_business_sa520_firmware
2.1.71
cisco/small_business_sa520_firmware
2.2.0.7
cisco/small_business_sa540_firmware
2.1.71
cisco/small_business_sa540_firmware
2.2.0.7
Published
Oct 23, 2017
Tracked Since
Feb 18, 2026