CVE-2011-4005 Information

Description

Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W SRP526W and SRP527W with firmware before 1.1.24 and the Small Business SRP541W SRP546W and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands aka Bug ID CSCtr45124.

Reference

http://secunia.com/advisories/46664 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111102-srp500 http://www.securityfocus.com/bid/50495 http://www.securitytracker.com/id?1026266 https://exchange.xforce.ibmcloud.com/vulnerabilities/71103