What is CVE-2007-2586?

CVE-2007-2586 is a vulnerability in N/a. Published 2007-05-09.

Is CVE-2007-2586 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-2586

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD com…

EPSS: 0.607 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

alt3kx/alt3kx.github.io

References

20070509 Multiple Vulnerabilities in the IOS FTP Server (x_refsource_CISCO, vendor-advisory)
20080729 Remote Cisco IOS FTP exploit (mailing-list, x_refsource_BUGTRAQ)
ADV-2007-1749 (vdb-entry, x_refsource_VUPEN)
25199 (x_refsource_SECUNIA, third-party-advisory)
cisco-ios-ftp-unauthorized-access(34197) (vdb-entry, x_refsource_XF)
oval:org.mitre.oval:def:5036 (signature, x_refsource_OVAL, vdb-entry)
1018030 (vdb-entry, x_refsource_SECTRACK)
23885 (vdb-entry, x_refsource_BID)
20090120 Re: Remote Cisco IOS FTP exploit (mailing-list, x_refsource_BUGTRAQ)
6155 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2007-2586?: CVE-2007-2586 is a vulnerability in N/a. Published 2007-05-09.
Is CVE-2007-2586 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.