Cisco Security Advisory: Cisco Small Business SRP 500 Series
Cisco Releases Security Advisory for Cisco Small Business SRP 500 Series
Cisco Small Business (SRP 500) Series Services Ready Platforms contain the following three vulnerabilities:
These vulnerabilities can be exploited using sessions to the Services Ready Platform Configuration Utility web interface. These vulnerabilities could be exploited from the local LAN side of the SRP
device by default configuration and the WAN side of the SRP device if remote management is enabled. Remote management is disabled by default.
Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate these vulnerabilities are available.
This advisory is available at the following link:
The following Cisco SRP 520 Series models are affected if running firmware prior to version 1.1.26:
* Cisco SRP 521W
* Cisco SRP 526W
* Cisco SRP 527W
The following Cisco SRP 520W-U Series models are affected if running firmware prior to version 1.2.4:
* Cisco SRP 521W-U
* Cisco SRP 526W-U
* Cisco SRP 527W-U
The following Cisco SRP 540 Series models are affected if running firmware prior to version 1.2.4:
* Cisco SRP 541W
* Cisco SRP 546W
* Cisco SRP 547W
To view the firmware version on a device, log in to the Services Ready Platform Configuration Utility and navigate to the Status > Router page to view information about the Cisco SRP Series device and its firmware status. The Firmware Version field indicates the current running version of firmware on the Cisco SRP 500 Series device.
More information regarding these vulnerabilities:
The latest Cisco SRP 500 Series Services Ready Platforms firmware can
be downloaded at:
- Cisco Security Advisory: Cisco NX-OS (netsecurityit.wordpress.com)