Unrated severityNVD Advisory· Published Feb 25, 2012· Updated Apr 29, 2026

CVE-2012-0365

Description

Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.

Affected products

Cisco Systems, Inc./Small Business Srp520 Series Firmware6 versions
cpe:2.3:a:cisco:small_business_srp520_series_firmware:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:*:*:*:*:*:*:*:*range: <=1.01.24
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:1.01.01:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:1.01.09:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:1.01.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:1.01.19:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:small_business_srp520_series_firmware:1.01.23:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp521w
cpe:2.3:h:cisco:small_business_srp521w:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp526w
cpe:2.3:h:cisco:small_business_srp526w:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp527w
cpe:2.3:h:cisco:small_business_srp527w:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp520 U Series Firmware
cpe:2.3:a:cisco:small_business_srp520-u_series_firmware:1.1.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp521w U
cpe:2.3:h:cisco:small_business_srp521w-u:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp526w U
cpe:2.3:h:cisco:small_business_srp526w-u:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp527w U
cpe:2.3:h:cisco:small_business_srp527w-u:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp540 Series Firmware2 versions
cpe:2.3:a:cisco:small_business_srp540_series_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:small_business_srp540_series_firmware:*:*:*:*:*:*:*:*range: <=1.02.01
- cpe:2.3:a:cisco:small_business_srp540_series_firmware:1.02.00.023:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp541w
cpe:2.3:h:cisco:small_business_srp541w:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp546w
cpe:2.3:h:cisco:small_business_srp546w:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Small Business Srp547w
cpe:2.3:h:cisco:small_business_srp547w:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500nvdVendor Advisory
www.securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000