CWE-863

CVE-2007-2586

First published: Wed May 09 2007

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

Credit: cve@mitre.org

Affected Software | Affected Version | How to fix
Puppet Cisco IOS=12.0\(1\)t
Puppet Cisco IOS=12.0\(1\)t1
Puppet Cisco IOS=12.0\(1\)xe
Puppet Cisco IOS=12.0\(2\)s
Puppet Cisco IOS=12.0\(2\)t
Puppet Cisco IOS=12.0\(2\)t1
Puppet Cisco IOS=12.0\(2\)xe
Puppet Cisco IOS=12.0\(2\)xe1
Puppet Cisco IOS=12.0\(2\)xe3
Puppet Cisco IOS=12.0\(2\)xe4
Puppet Cisco IOS=12.0\(2a\)t1
Puppet Cisco IOS=12.0\(3\)s
Puppet Cisco IOS=12.0\(3\)t
Puppet Cisco IOS=12.0\(3\)t2
Puppet Cisco IOS=12.0\(3\)t3
Puppet Cisco IOS=12.0\(4\)s
Puppet Cisco IOS=12.0\(4\)t
Puppet Cisco IOS=12.0\(4\)xe
Puppet Cisco IOS=12.0\(4\)xe2
Puppet Cisco IOS=12.0\(5\)s
Puppet Cisco IOS=12.0\(5\)t
Puppet Cisco IOS=12.0\(5\)t1
Puppet Cisco IOS=12.0\(5\)xe
Puppet Cisco IOS=12.0\(5\)xe1
Puppet Cisco IOS=12.0\(5\)xe2
Puppet Cisco IOS=12.0\(5\)xe3
Puppet Cisco IOS=12.0\(5\)xe4
Puppet Cisco IOS=12.0\(5\)xe5
Puppet Cisco IOS=12.0\(5\)xe8
Puppet Cisco IOS=12.0\(5\)xk
Puppet Cisco IOS=12.0\(5\)xk1
Puppet Cisco IOS=12.0\(5\)xk2
Puppet Cisco IOS=12.0\(5\)xt1
Puppet Cisco IOS=12.0\(6\)s
Puppet Cisco IOS=12.0\(6\)s1
Puppet Cisco IOS=12.0\(6\)s2
Puppet Cisco IOS=12.0\(7\)s
Puppet Cisco IOS=12.0\(7\)s1
Puppet Cisco IOS=12.0\(7\)t
Puppet Cisco IOS=12.0\(7\)t1
Puppet Cisco IOS=12.0\(7\)t2
Puppet Cisco IOS=12.0\(7\)t3
Puppet Cisco IOS=12.0\(7\)xk
Puppet Cisco IOS=12.0\(7\)xk1
Puppet Cisco IOS=12.0\(7\)xk2
Puppet Cisco IOS=12.0\(7\)xk3
Puppet Cisco IOS=12.0\(8\)s
Puppet Cisco IOS=12.0\(8\)s1
Puppet Cisco IOS=12.0\(9\)s
Puppet Cisco IOS=12.0\(9\)s8
Puppet Cisco IOS=12.0\(9\)st
Puppet Cisco IOS=12.0\(10\)s
Puppet Cisco IOS=12.0\(10\)s1
Puppet Cisco IOS=12.0\(10\)s2
Puppet Cisco IOS=12.0\(10\)s3
Puppet Cisco IOS=12.0\(10\)s3b
Puppet Cisco IOS=12.0\(10\)s4
Puppet Cisco IOS=12.0\(10\)s5
Puppet Cisco IOS=12.0\(10\)s6
Puppet Cisco IOS=12.0\(10\)s7
Puppet Cisco IOS=12.0\(10\)s8
Puppet Cisco IOS=12.0\(10\)st
Puppet Cisco IOS=12.0\(10\)st1
Puppet Cisco IOS=12.0\(10\)st2
Puppet Cisco IOS=12.0\(11\)s
Puppet Cisco IOS=12.0\(11\)s1
Puppet Cisco IOS=12.0\(11\)s2
Puppet Cisco IOS=12.0\(11\)s3
Puppet Cisco IOS=12.0\(11\)s4
Puppet Cisco IOS=12.0\(11\)s5
Puppet Cisco IOS=12.0\(11\)s6
Puppet Cisco IOS=12.0\(11\)st
Puppet Cisco IOS=12.0\(11\)st1
Puppet Cisco IOS=12.0\(11\)st2
Puppet Cisco IOS=12.0\(11\)st3
Puppet Cisco IOS=12.0\(11\)st4
Puppet Cisco IOS=12.0\(28\)s4a
Puppet Cisco IOS=12.0\(31\)sz2
Puppet Cisco IOS=12.1\(3\)xi
Puppet Cisco IOS=12.1\(5\)xm
Puppet Cisco IOS=12.1\(5\)xm1
Puppet Cisco IOS=12.1\(5\)xm2
Puppet Cisco IOS=12.1\(5\)xm3
Puppet Cisco IOS=12.1\(5\)xm4
Puppet Cisco IOS=12.1\(5\)xm5
Puppet Cisco IOS=12.1\(5\)xm7
Puppet Cisco IOS=12.1\(5\)xm8
Puppet Cisco IOS=12.1\(5c\)ex
Puppet Cisco IOS=12.1\(5c\)ex1
Puppet Cisco IOS=12.1\(6\)ex
Puppet Cisco IOS=12.1\(8b\)ex4
Puppet Cisco IOS=12.1\(9\)ex
Puppet Cisco IOS=12.2\(8\)zb
Puppet Cisco IOS=12.2\(9\)yo
Puppet Cisco IOS=12.2\(9\)yo1
Puppet Cisco IOS=12.2\(9\)yo2
Puppet Cisco IOS=12.2\(9\)yo3
Puppet Cisco IOS=12.2\(9\)yo4
Puppet Cisco IOS=12.2\(11\)yz
Puppet Cisco IOS=12.2\(11\)yz1
Puppet Cisco IOS=12.2\(11\)yz2
Puppet Cisco IOS=12.2\(11\)yz3
Puppet Cisco IOS=12.2\(12b\)m1
Puppet Cisco IOS=12.2\(12h\)m1
Puppet Cisco IOS=12.2\(13\)zf
Puppet Cisco IOS=12.2\(13\)zf1
Puppet Cisco IOS=12.2\(13\)zf2
Puppet Cisco IOS=12.2\(13\)zh
Puppet Cisco IOS=12.2\(13\)zh1
Puppet Cisco IOS=12.2\(13\)zh2
Puppet Cisco IOS=12.2\(13\)zh3
Puppet Cisco IOS=12.2\(13\)zh4
Puppet Cisco IOS=12.2\(13\)zh5
Puppet Cisco IOS=12.2\(13b\)m1
Puppet Cisco IOS=12.2\(13b\)m2
Puppet Cisco IOS=12.2\(14\)sz
Puppet Cisco IOS=12.2\(14\)sz1
Puppet Cisco IOS=12.2\(14\)sz2
Puppet Cisco IOS=12.2\(14\)sz3
Puppet Cisco IOS=12.2\(14\)sz4
Puppet Cisco IOS=12.2\(14\)sz5
Puppet Cisco IOS=12.2\(14\)sz6
Puppet Cisco IOS=12.2\(15\)zj
Puppet Cisco IOS=12.2\(15\)zj1
Puppet Cisco IOS=12.2\(15\)zj2
Puppet Cisco IOS=12.2\(15\)zj3
Puppet Cisco IOS=12.2\(15\)zj4
Puppet Cisco IOS=12.2\(15\)zj5
Puppet Cisco IOS=12.2\(15\)zl
Puppet Cisco IOS=12.2\(15\)zl1
Puppet Cisco IOS=12.2\(15\)zn
Puppet Cisco IOS=12.2\(18\)s
Puppet Cisco IOS=12.2\(18\)s1
Puppet Cisco IOS=12.2\(18\)s2
Puppet Cisco IOS=12.2\(18\)s3
Puppet Cisco IOS=12.2\(18\)s4
Puppet Cisco IOS=12.2\(20\)s
Puppet Cisco IOS=12.2\(20\)s1
Puppet Cisco IOS=12.2\(20\)s2
Puppet Cisco IOS=12.2\(20\)s2a
Puppet Cisco IOS=12.2\(20\)s3
Puppet Cisco IOS=12.2\(20\)s4
Puppet Cisco IOS=12.2\(20\)s4a
Puppet Cisco IOS=12.2\(20\)s5
Puppet Cisco IOS=12.2\(20\)s6
Puppet Cisco IOS=12.2\(22\)s
Puppet Cisco IOS=12.2\(25\)s
Puppet Cisco IOS=12.2\(25\)s1
Puppet Cisco IOS=12.2\(25\)s2
Puppet Cisco IOS=12.2\(25\)se
Puppet Cisco IOS=12.3\(1a\)b
Puppet Cisco IOS=12.3\(2\)ja3
Puppet Cisco IOS=12.3\(2\)ja4
Puppet Cisco IOS=12.3\(2\)t
Puppet Cisco IOS=12.3\(2\)t1
Puppet Cisco IOS=12.3\(2\)t2
Puppet Cisco IOS=12.3\(2\)t3
Puppet Cisco IOS=12.3\(2\)t4
Puppet Cisco IOS=12.3\(2\)t5
Puppet Cisco IOS=12.3\(2\)t6
Puppet Cisco IOS=12.3\(2\)t7
Puppet Cisco IOS=12.3\(2\)t8
Puppet Cisco IOS=12.3\(2\)t9
Puppet Cisco IOS=12.3\(2\)xa
Puppet Cisco IOS=12.3\(2\)xa1
Puppet Cisco IOS=12.3\(2\)xa2
Puppet Cisco IOS=12.3\(2\)xa3
Puppet Cisco IOS=12.3\(2\)xa4
Puppet Cisco IOS=12.3\(2\)xa5
Puppet Cisco IOS=12.3\(2\)xc
Puppet Cisco IOS=12.3\(2\)xc1
Puppet Cisco IOS=12.3\(2\)xc2
Puppet Cisco IOS=12.3\(2\)xe
Puppet Cisco IOS=12.3\(2\)xe1
Puppet Cisco IOS=12.3\(2\)xe2
Puppet Cisco IOS=12.3\(2\)xe3
Puppet Cisco IOS=12.3\(2\)xe4
Puppet Cisco IOS=12.3\(2\)xf
Puppet Cisco IOS=12.3\(3\)b
Puppet Cisco IOS=12.3\(3\)b1
Puppet Cisco IOS=12.3\(4\)t
Puppet Cisco IOS=12.3\(4\)t1
Puppet Cisco IOS=12.3\(4\)t2
Puppet Cisco IOS=12.3\(4\)t3
Puppet Cisco IOS=12.3\(4\)t4
Puppet Cisco IOS=12.3\(4\)t5
Puppet Cisco IOS=12.3\(4\)t6
Puppet Cisco IOS=12.3\(4\)t7
Puppet Cisco IOS=12.3\(4\)t8
Puppet Cisco IOS=12.3\(4\)t9
Puppet Cisco IOS=12.3\(4\)t10
Puppet Cisco IOS=12.3\(4\)t11
Puppet Cisco IOS=12.3\(4\)tpc11a
Puppet Cisco IOS=12.3\(4\)xd
Puppet Cisco IOS=12.3\(4\)xd1
Puppet Cisco IOS=12.3\(4\)xd2
Puppet Cisco IOS=12.3\(4\)xd3
Puppet Cisco IOS=12.3\(4\)xd4
Puppet Cisco IOS=12.3\(4\)xg
Puppet Cisco IOS=12.3\(4\)xg1
Puppet Cisco IOS=12.3\(4\)xg2
Puppet Cisco IOS=12.3\(4\)xg3
Puppet Cisco IOS=12.3\(4\)xg4
Puppet Cisco IOS=12.3\(4\)xg5
Puppet Cisco IOS=12.3\(4\)xh
Puppet Cisco IOS=12.3\(4\)xh1
Puppet Cisco IOS=12.3\(4\)xk
Puppet Cisco IOS=12.3\(4\)xk1
Puppet Cisco IOS=12.3\(4\)xk2
Puppet Cisco IOS=12.3\(4\)xk3
Puppet Cisco IOS=12.3\(4\)xk4
Puppet Cisco IOS=12.3\(4\)xq
Puppet Cisco IOS=12.3\(4\)xq1
Puppet Cisco IOS=12.3\(4\)ye
Puppet Cisco IOS=12.3\(4\)ye1
Puppet Cisco IOS=12.3\(5a\)b
Puppet Cisco IOS=12.3\(5a\)b0a
Puppet Cisco IOS=12.3\(5a\)b1
Puppet Cisco IOS=12.3\(5a\)b2
Puppet Cisco IOS=12.3\(5a\)b3
Puppet Cisco IOS=12.3\(5a\)b4
Puppet Cisco IOS=12.3\(5a\)b5
Puppet Cisco IOS=12.3\(7\)jx9
Puppet Cisco IOS=12.3\(7\)t
Puppet Cisco IOS=12.3\(7\)t1
Puppet Cisco IOS=12.3\(7\)t2
Puppet Cisco IOS=12.3\(7\)t3
Puppet Cisco IOS=12.3\(7\)t4
Puppet Cisco IOS=12.3\(7\)t6
Puppet Cisco IOS=12.3\(7\)t7
Puppet Cisco IOS=12.3\(7\)t8
Puppet Cisco IOS=12.3\(7\)t9
Puppet Cisco IOS=12.3\(7\)t10
Puppet Cisco IOS=12.3\(7\)t11
Puppet Cisco IOS=12.3\(7\)t12
Puppet Cisco IOS=12.3\(7\)xi3a
Puppet Cisco IOS=12.3\(7\)xl
Puppet Cisco IOS=12.3\(7\)xr
Puppet Cisco IOS=12.3\(7\)xr1
Puppet Cisco IOS=12.3\(7\)xr2
Puppet Cisco IOS=12.3\(7\)xr3
Puppet Cisco IOS=12.3\(7\)xr4
Puppet Cisco IOS=12.3\(7\)xr5
Puppet Cisco IOS=12.3\(7\)xr6
Puppet Cisco IOS=12.3\(7\)xs
Puppet Cisco IOS=12.3\(7\)xs1
Puppet Cisco IOS=12.3\(7\)xs2
Puppet Cisco IOS=12.3\(8\)jk
Puppet Cisco IOS=12.3\(8\)t
Puppet Cisco IOS=12.3\(8\)t1
Puppet Cisco IOS=12.3\(8\)t2
Puppet Cisco IOS=12.3\(8\)t3
Puppet Cisco IOS=12.3\(8\)t4
Puppet Cisco IOS=12.3\(8\)t5
Puppet Cisco IOS=12.3\(8\)t6
Puppet Cisco IOS=12.3\(8\)t7
Puppet Cisco IOS=12.3\(8\)t8
Puppet Cisco IOS=12.3\(8\)t9
Puppet Cisco IOS=12.3\(8\)t10
Puppet Cisco IOS=12.3\(8\)t11
Puppet Cisco IOS=12.3\(8\)xx
Puppet Cisco IOS=12.3\(8\)xx1
Puppet Cisco IOS=12.3\(8\)xx2
Puppet Cisco IOS=12.3\(8\)xx2a
Puppet Cisco IOS=12.3\(8\)xx2b
Puppet Cisco IOS=12.3\(8\)xx2c
Puppet Cisco IOS=12.3\(8\)ya
Puppet Cisco IOS=12.3\(8\)ya1
Puppet Cisco IOS=12.3\(8\)yc
Puppet Cisco IOS=12.3\(8\)yc1
Puppet Cisco IOS=12.3\(8\)yc2
Puppet Cisco IOS=12.3\(8\)yc3
Puppet Cisco IOS=12.3\(8\)yd
Puppet Cisco IOS=12.3\(8\)yd1
Puppet Cisco IOS=12.3\(8\)yg
Puppet Cisco IOS=12.3\(8\)yg1
Puppet Cisco IOS=12.3\(8\)yg2
Puppet Cisco IOS=12.3\(8\)yg3
Puppet Cisco IOS=12.3\(8\)yg4
Puppet Cisco IOS=12.3\(8\)yg5
Puppet Cisco IOS=12.3\(8\)yh
Puppet Cisco IOS=12.3\(8\)yi
Puppet Cisco IOS=12.3\(8\)yi1
Puppet Cisco IOS=12.3\(8\)yi2
Puppet Cisco IOS=12.3\(8\)yi3
Puppet Cisco IOS=12.3\(8\)za
Puppet Cisco IOS=12.3\(9\)m0
Puppet Cisco IOS=12.3\(9\)m1
Puppet Cisco IOS=12.3\(10a\)m0
Puppet Cisco IOS=12.3\(11\)ja2
Puppet Cisco IOS=12.3\(11\)jx
Puppet Cisco IOS=12.3\(11\)jx1
Puppet Cisco IOS=12.3\(11\)t
Puppet Cisco IOS=12.3\(11\)t1
Puppet Cisco IOS=12.3\(11\)t2
Puppet Cisco IOS=12.3\(11\)t3
Puppet Cisco IOS=12.3\(11\)t4
Puppet Cisco IOS=12.3\(11\)t5
Puppet Cisco IOS=12.3\(11\)t6
Puppet Cisco IOS=12.3\(11\)t7
Puppet Cisco IOS=12.3\(11\)t8
Puppet Cisco IOS=12.3\(11\)t9
Puppet Cisco IOS=12.3\(11\)t10
Puppet Cisco IOS=12.3\(11\)t11
Puppet Cisco IOS=12.3\(11\)to3
Puppet Cisco IOS=12.3\(11\)xl
Puppet Cisco IOS=12.3\(11\)xl1
Puppet Cisco IOS=12.3\(11\)xl2
Puppet Cisco IOS=12.3\(11\)xl3
Puppet Cisco IOS=12.3\(11\)yf2
Puppet Cisco IOS=12.3\(11\)yk
Puppet Cisco IOS=12.3\(11\)yk1
Puppet Cisco IOS=12.3\(11\)yk2
Puppet Cisco IOS=12.3\(11\)yl
Puppet Cisco IOS=12.3\(11\)yl1
Puppet Cisco IOS=12.3\(11\)yl2
Puppet Cisco IOS=12.3\(11\)ys
Puppet Cisco IOS=12.3\(11\)ys1
Puppet Cisco IOS=12.3\(11\)yz
Puppet Cisco IOS=12.3\(11\)yz1
Puppet Cisco IOS=12.3\(11\)zb
Puppet Cisco IOS=12.3\(11\)zb1
Puppet Cisco IOS=12.3\(14\)t
Puppet Cisco IOS=12.3\(14\)t1
Puppet Cisco IOS=12.3\(14\)t2
Puppet Cisco IOS=12.3\(14\)t3
Puppet Cisco IOS=12.3\(14\)t4
Puppet Cisco IOS=12.3\(14\)t5
Puppet Cisco IOS=12.3\(14\)t6
Puppet Cisco IOS=12.3\(14\)t7
Puppet Cisco IOS=12.3\(14\)ym2
Puppet Cisco IOS=12.3\(14\)ym3
Puppet Cisco IOS=12.3\(14\)ym4
Puppet Cisco IOS=12.3\(14\)ym5
Puppet Cisco IOS=12.3\(14\)ym6
Puppet Cisco IOS=12.3\(14\)ym7
Puppet Cisco IOS=12.3\(14\)ym8
Puppet Cisco IOS=12.3\(14\)ym9
Puppet Cisco IOS=12.3\(14\)yt
Puppet Cisco IOS=12.3\(14\)yt1
Puppet Cisco IOS=12.4\(2\)t
Puppet Cisco IOS=12.4\(2\)t1
Puppet Cisco IOS=12.4\(2\)t2
Puppet Cisco IOS=12.4\(2\)t3
Puppet Cisco IOS=12.4\(2\)t4
Puppet Cisco IOS=12.4\(2\)t5
Puppet Cisco IOS=12.4\(2\)xa
Puppet Cisco IOS=12.4\(2\)xa1
Puppet Cisco IOS=12.4\(2\)xa2
Puppet Cisco IOS=12.4\(4\)t
Puppet Cisco IOS=12.4\(4\)t1
Puppet Cisco IOS=12.4\(4\)t2
Puppet Cisco IOS=12.4\(4\)t3
Puppet Cisco IOS=12.4\(4\)t4
Puppet Cisco IOS=12.4\(4\)t5
Puppet Cisco IOS=12.4\(4\)xc
Puppet Cisco IOS=12.4\(4\)xc1
Puppet Cisco IOS=12.4\(4\)xc2
Puppet Cisco IOS=12.4\(4\)xc3
Puppet Cisco IOS=12.4\(4\)xc4
Puppet Cisco IOS=12.4\(4\)xc5
Puppet Cisco IOS=12.4\(4\)xd
Puppet Cisco IOS=12.4\(4\)xd1
Puppet Cisco IOS=12.4\(4\)xd2
Puppet Cisco IOS=12.4\(4\)xd3
Puppet Cisco IOS=12.4\(5a\)m0
Puppet Cisco IOS=12.4\(6\)t
Puppet Cisco IOS=12.4\(6\)t1
Puppet Cisco IOS=12.4\(6\)t2
Puppet Cisco IOS=12.4\(6\)t3
Puppet Cisco IOS=12.4\(6\)t4
Puppet Cisco IOS=12.4\(6\)t5
Puppet Cisco IOS=12.4\(6\)xe
Puppet Cisco IOS=12.4\(6\)xe1
Puppet Cisco IOS=12.4\(6\)xe2
Puppet Cisco IOS=12.4\(9\)t
Puppet Cisco IOS=12.4\(9\)t0a
Puppet Cisco IOS=12.4\(9\)t1
Puppet Cisco IOS=12.4\(11\)sw
Puppet Cisco IOS=12.4\(11\)sw1

Frequently Asked Questions

  • What is the severity of CVE-2007-2586?

    CVE-2007-2586 is rated as critical due to the potential for remote code execution.

  • How do I fix CVE-2007-2586?

    To fix CVE-2007-2586, update your Cisco IOS to a version that has patched this vulnerability.

  • Which versions of Cisco IOS are affected by CVE-2007-2586?

    CVE-2007-2586 affects Cisco IOS versions from 11.3 through 12.4.

  • Can CVE-2007-2586 lead to unauthorized access?

    Yes, CVE-2007-2586 potentially allows attackers to execute arbitrary commands, which can lead to unauthorized access.

  • Is there a known exploit for CVE-2007-2586?

    Yes, crafted MKD commands have been demonstrated to exploit CVE-2007-2586, allowing remote code execution.
