CWE-863

CVE-2007-2586

First published: Wed May 09 2007

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

Credit: cve@mitre.org

Affected software and versions:
Cisco IOS=12.0\(10\)s6
Cisco IOS=12.1\(5\)xm1
Cisco IOS=12.4\(2\)t2
Cisco IOS=12.3\(14\)ym4
Cisco IOS=12.0\(8\)s1
Cisco IOS=12.2\(14\)sz1
Cisco IOS=12.4\(2\)xa1
Cisco IOS=12.3\(2\)xe4
Cisco IOS=12.3\(14\)t5
Cisco IOS=12.4\(2\)t4
Cisco IOS=12.3\(4\)t9
Cisco IOS=12.3\(11\)t9
Cisco IOS=12.0\(3\)t3
Cisco IOS=12.0\(5\)t1
Cisco IOS=12.4\(6\)t4
Cisco IOS=12.3\(4\)xd1
Cisco IOS=12.4\(6\)t
Cisco IOS=12.3\(7\)t1
Cisco IOS=12.3\(14\)ym8
Cisco IOS=12.3\(7\)xr2
Cisco IOS=12.3\(7\)xs2
Cisco IOS=12.2\(13\)zf
Cisco IOS=12.3\(14\)t7
Cisco IOS=12.4\(11\)sw
Cisco IOS=12.1\(3\)xi
Cisco IOS=12.3\(11\)t10
Cisco IOS=12.0\(7\)s
Cisco IOS=12.0\(10\)s3
Cisco IOS=12.0\(9\)st
Cisco IOS=12.3\(11\)yf2
Cisco IOS=12.0\(2\)t
Cisco IOS=12.3\(11\)t8
Cisco IOS=12.3\(7\)xr
Cisco IOS=12.0\(11\)st
Cisco IOS=12.4\(9\)t1
Cisco IOS=12.3\(8\)t6
Cisco IOS=12.2\(12b\)m1
Cisco IOS=12.3\(2\)xa1
Cisco IOS=12.1\(9\)ex
Cisco IOS=12.3\(5a\)b3
Cisco IOS=12.3\(11\)t4
Cisco IOS=12.3\(8\)xx
Cisco IOS=12.3\(8\)yg
Cisco IOS=12.3\(14\)t2
Cisco IOS=12.0\(10\)s5
Cisco IOS=12.2\(20\)s2
Cisco IOS=12.2\(20\)s1
Cisco IOS=12.3\(2\)ja4
Cisco IOS=12.3\(7\)t9
Cisco IOS=12.3\(2\)xa
Cisco IOS=12.0\(5\)xk2
Cisco IOS=12.0\(5\)xk1
Cisco IOS=12.2\(11\)yz
Cisco IOS=12.3\(8\)t5
Cisco IOS=12.3\(7\)t8
Cisco IOS=12.3\(11\)yz1
Cisco IOS=12.3\(11\)xl
Cisco IOS=12.2\(13\)zh1
Cisco IOS=12.1\(6\)ex
Cisco IOS=12.3\(14\)t3
Cisco IOS=12.2\(25\)s
Cisco IOS=12.0\(11\)s3
Cisco IOS=12.3\(2\)t1
Cisco IOS=12.0\(11\)st3
Cisco IOS=12.4\(4\)t
Cisco IOS=12.3\(4\)t2
Cisco IOS=12.3\(11\)t
Cisco IOS=12.3\(4\)t11
Cisco IOS=12.0\(11\)s
Cisco IOS=12.3\(14\)ym5
Cisco IOS=12.3\(5a\)b
Cisco IOS=12.2\(9\)yo4
Cisco IOS=12.0\(9\)s
Cisco IOS=12.3\(8\)yg1
Cisco IOS=12.3\(2\)t9
Cisco IOS=12.2\(14\)sz4
Cisco IOS=12.0\(7\)xk
Cisco IOS=12.3\(11\)t3
Cisco IOS=12.3\(5a\)b2
Cisco IOS=12.3\(4\)xk3
Cisco IOS=12.2\(9\)yo1
Cisco IOS=12.2\(13\)zh3
Cisco IOS=12.1\(5\)xm5
Cisco IOS=12.3\(8\)t11
Cisco IOS=12.0\(3\)t
Cisco IOS=12.0\(5\)xe2
Cisco IOS=12.3\(4\)xk1
Cisco IOS=12.3\(4\)t10
Cisco IOS=12.3\(14\)ym3
Cisco IOS=12.2\(20\)s6
Cisco IOS=12.0\(9\)s8
Cisco IOS=12.4\(2\)t1
Cisco IOS=12.0\(1\)t1
Cisco IOS=12.3\(5a\)b5
Cisco IOS=12.3\(4\)xd2
Cisco IOS=12.4\(6\)xe
Cisco IOS=12.3\(2\)xe1
Cisco IOS=12.3\(14\)t4
Cisco IOS=12.3\(8\)t9
Cisco IOS=12.0\(10\)st
Cisco IOS=12.4\(4\)xc
Cisco IOS=12.3\(4\)t3
Cisco IOS=12.2\(25\)s1
Cisco IOS=12.0\(2\)t1
Cisco IOS=12.0\(10\)s8
Cisco IOS=12.3\(8\)t3
Cisco IOS=12.3\(8\)t7
Cisco IOS=12.3\(8\)jk
Cisco IOS=12.4\(2\)t5
Cisco IOS=12.2\(13\)zh4
Cisco IOS=12.0\(7\)s1
Cisco IOS=12.4\(4\)t4
Cisco IOS=12.2\(15\)zn
Cisco IOS=12.3\(2\)t3
Cisco IOS=12.3\(11\)jx1
Cisco IOS=12.1\(5\)xm2
Cisco IOS=12.3\(11\)yk
Cisco IOS=12.4\(4\)xd2
Cisco IOS=12.3\(7\)t2
Cisco IOS=12.3\(14\)t
Cisco IOS=12.3\(3\)b
Cisco IOS=12.3\(2\)t8
Cisco IOS=12.3\(14\)ym7
Cisco IOS=12.4\(6\)t5
Cisco IOS=12.3\(14\)ym2
Cisco IOS=12.0\(6\)s
Cisco IOS=12.3\(8\)yd1
Cisco IOS=12.4\(2\)t3
Cisco IOS=12.3\(11\)xl1
Cisco IOS=12.3\(2\)xe
Cisco IOS=12.4\(6\)t3
Cisco IOS=12.0\(1\)xe
Cisco IOS=12.0\(11\)s1
Cisco IOS=12.4\(4\)t1
Cisco IOS=12.3\(4\)xk
Cisco IOS=12.0\(11\)st1
Cisco IOS=12.2\(25\)se
Cisco IOS=12.3\(1a\)b
Cisco IOS=12.3\(7\)t3
Cisco IOS=12.0\(4\)xe
Cisco IOS=12.0\(10\)st1
Cisco IOS=12.3\(11\)ys
Cisco IOS=12.2\(22\)s
Cisco IOS=12.3\(4\)xh
Cisco IOS=12.2\(11\)yz1
Cisco IOS=12.2\(13\)zh2
Cisco IOS=12.3\(8\)t4
Cisco IOS=12.2\(11\)yz2
Cisco IOS=12.4\(4\)xc3
Cisco IOS=12.0\(2a\)t1
Cisco IOS=12.0\(6\)s1
Cisco IOS=12.2\(12h\)m1
Cisco IOS=12.0\(7\)t
Cisco IOS=12.3\(7\)xs
Cisco IOS=12.0\(11\)st2
Cisco IOS=12.2\(15\)zl
Cisco IOS=12.0\(5\)xe3
Cisco IOS=12.4\(4\)t2
Cisco IOS=12.3\(4\)xd4
Cisco IOS=12.1\(5\)xm
Cisco IOS=12.3\(2\)xa3
Cisco IOS=12.3\(4\)t
Cisco IOS=12.2\(20\)s5
Cisco IOS=12.0\(11\)st4
Cisco IOS=12.3\(11\)xl3
Cisco IOS=12.2\(8\)zb
Cisco IOS=12.2\(13\)zf1
Cisco IOS=12.3\(4\)xq
Cisco IOS=12.3\(11\)ys1
Cisco IOS=12.3\(8\)yd
Cisco IOS=12.3\(4\)xk4
Cisco IOS=12.3\(11\)yz
Cisco IOS=12.3\(2\)ja3
Cisco IOS=12.3\(4\)xg3
Cisco IOS=12.0\(10\)s7
Cisco IOS=12.1\(5\)xm7
Cisco IOS=12.0\(7\)t2
Cisco IOS=12.3\(4\)t7
Cisco IOS=12.3\(4\)xg5
Cisco IOS=12.4\(2\)t
Cisco IOS=12.1\(5\)xm4
Cisco IOS=12.3\(7\)xr4
Cisco IOS=12.3\(2\)t4
Cisco IOS=12.0\(7\)xk3
Cisco IOS=12.3\(7\)t
Cisco IOS=12.3\(4\)t4
Cisco IOS=12.3\(8\)yg2
Cisco IOS=12.0\(11\)s4
Cisco IOS=12.3\(7\)t11
Cisco IOS=12.0\(1\)t
Cisco IOS=12.0\(8\)s
Cisco IOS=12.3\(14\)yt
Cisco IOS=12.0\(11\)s2
Cisco IOS=12.0\(5\)xe
Cisco IOS=12.4\(4\)xc2
Cisco IOS=12.1\(8b\)ex4
Cisco IOS=12.4\(6\)t1
Cisco IOS=12.3\(2\)xf
Cisco IOS=12.3\(8\)yi1
Cisco IOS=12.3\(14\)ym6
Cisco IOS=12.3\(2\)xe3
Cisco IOS=12.3\(7\)xr5
Cisco IOS=12.2\(9\)yo
Cisco IOS=12.3\(14\)t6
Cisco IOS=12.3\(8\)ya
Cisco IOS=12.3\(4\)xg
Cisco IOS=12.3\(11\)ja2
Cisco IOS=12.3\(2\)t2
Cisco IOS=12.4\(6\)xe2
Cisco IOS=12.4\(4\)xd
Cisco IOS=12.0\(5\)xe4
Cisco IOS=12.3\(7\)t12
Cisco IOS=12.2\(14\)sz3
Cisco IOS=12.0\(5\)xe1
Cisco IOS=12.3\(7\)t7
Cisco IOS=12.3\(8\)ya1
Cisco IOS=12.4\(4\)xc5
Cisco IOS=12.3\(8\)yg4
Cisco IOS=12.3\(11\)t6
Cisco IOS=12.4\(4\)t3
Cisco IOS=12.0\(10\)s4
Cisco IOS=12.3\(4\)xd
Cisco IOS=12.3\(2\)t7
Cisco IOS=12.3\(7\)t6
Cisco IOS=12.4\(9\)t
Cisco IOS=12.2\(18\)s3
Cisco IOS=12.3\(4\)t1
Cisco IOS=12.2\(15\)zj5
Cisco IOS=12.0\(4\)t
Cisco IOS=12.2\(15\)zj2
Cisco IOS=12.3\(8\)t
Cisco IOS=12.3\(11\)t11
Cisco IOS=12.3\(11\)yk2
Cisco IOS=12.3\(7\)xr3
Cisco IOS=12.3\(8\)xx1
Cisco IOS=12.2\(18\)s4
Cisco IOS=12.3\(4\)t6
Cisco IOS=12.2\(15\)zj3
Cisco IOS=12.0\(2\)s
Cisco IOS=12.2\(13\)zf2
Cisco IOS=12.2\(13\)zh
Cisco IOS=12.4\(4\)xc1
Cisco IOS=12.3\(11\)yl
Cisco IOS=12.3\(11\)t5
Cisco IOS=12.2\(9\)yo2
Cisco IOS=12.2\(18\)s
Cisco IOS=12.3\(4\)xg1
Cisco IOS=12.0\(7\)t3
Cisco IOS=12.2\(15\)zj1
Cisco IOS=12.3\(8\)t10
Cisco IOS=12.3\(2\)t
Cisco IOS=12.0\(10\)s1
Cisco IOS=12.1\(5c\)ex
Cisco IOS=12.3\(8\)yi
Cisco IOS=12.0\(7\)xk2
Cisco IOS=12.2\(14\)sz2
Cisco IOS=12.0\(2\)xe4
Cisco IOS=12.2\(20\)s4
Cisco IOS=12.3\(2\)xa4
Cisco IOS=12.3\(8\)yi2
Cisco IOS=12.2\(20\)s3
Cisco IOS=12.0\(6\)s2
Cisco IOS=12.0\(3\)s
Cisco IOS=12.3\(2\)xc
Cisco IOS=12.3\(2\)t6
Cisco IOS=12.0\(5\)xe8
Cisco IOS=12.2\(25\)s2
Cisco IOS=12.4\(4\)xd1
Cisco IOS=12.2\(18\)s1
Cisco IOS=12.2\(9\)yo3
Cisco IOS=12.3\(8\)za
Cisco IOS=12.0\(11\)s5
Cisco IOS=12.4\(4\)t5
Cisco IOS=12.0\(2\)xe3
Cisco IOS=12.3\(2\)xc2
Cisco IOS=12.2\(18\)s2
Cisco IOS=12.3\(11\)yk1
Cisco IOS=12.3\(14\)yt1
Cisco IOS=12.3\(5a\)b4
Cisco IOS=12.0\(2\)xe1
Cisco IOS=12.4\(2\)xa
Cisco IOS=12.0\(7\)t1
Cisco IOS=12.3\(8\)yi3
Cisco IOS=12.0\(5\)xt1
Cisco IOS=12.3\(11\)t7
Cisco IOS=12.0\(11\)s6
Cisco IOS=12.1\(5\)xm3
Cisco IOS=12.3\(7\)t4
Cisco IOS=12.3\(7\)xs1
Cisco IOS=12.3\(2\)xc1
Cisco IOS=12.3\(4\)xg2
Cisco IOS=12.0\(5\)t
Cisco IOS=12.3\(3\)b1
Cisco IOS=12.3\(5a\)b1
Cisco IOS=12.0\(10\)st2
Cisco IOS=12.3\(8\)yh
Cisco IOS=12.3\(4\)xg4
Cisco IOS=12.0\(10\)s3b
Cisco IOS=12.3\(8\)t8
Cisco IOS=12.3\(11\)jx
Cisco IOS=12.3\(2\)xa5
Cisco IOS=12.2\(15\)zl1
Cisco IOS=12.3\(7\)xr6
Cisco IOS=12.3\(11\)t2
Cisco IOS=12.4\(2\)xa2
Cisco IOS=12.0\(5\)xe5
Cisco IOS=12.0\(7\)xk1
Cisco IOS=12.4\(6\)t2
Cisco IOS=12.0\(10\)s
Cisco IOS=12.3\(8\)yg5
Cisco IOS=12.0\(10\)s2
Cisco IOS=12.2\(13\)zh5
Cisco IOS=12.3\(4\)xd3
Cisco IOS=12.3\(2\)t5
Cisco IOS=12.4\(4\)xc4
Cisco IOS=12.0\(5\)xk
Cisco IOS=12.2\(20\)s
Cisco IOS=12.0\(3\)t2
Cisco IOS=12.3\(2\)xe2
Cisco IOS=12.0\(4\)s
Cisco IOS=12.4\(11\)sw1
Cisco IOS=12.2\(14\)sz5
Cisco IOS=12.3\(4\)tpc11a
Cisco IOS=12.3\(2\)xa2
Cisco IOS=12.3\(7\)t10
Cisco IOS=12.1\(5c\)ex1
Cisco IOS=12.3\(8\)t1
Cisco IOS=12.3\(4\)t8
Cisco IOS=12.3\(14\)ym9
Cisco IOS=12.1\(5\)xm8
Cisco IOS=12.3\(4\)xq1
Cisco IOS=12.4\(6\)xe1
Cisco IOS=12.2\(14\)sz
Cisco IOS=12.2\(15\)zj
Cisco IOS=12.3\(14\)t1
Cisco IOS=12.2\(14\)sz6
Cisco IOS=12.3\(4\)xk2
Cisco IOS=12.3\(7\)jx9
Cisco IOS=12.3\(8\)yg3
Cisco IOS=12.0\(4\)xe2
Cisco IOS=12.0\(5\)s
Cisco IOS=12.0\(2\)xe
Cisco IOS=12.2\(20\)s4a
Cisco IOS=12.2\(20\)s2a
Cisco IOS=12.2\(11\)yz3
Cisco IOS=12.0\(28\)s4a
Cisco IOS=12.3\(9\)m0
Cisco IOS=12.2\(13b\)m2
Cisco IOS=12.0\(31\)sz2
Cisco IOS=12.3\(7\)xi3a
Cisco IOS=12.3\(9\)m1
Cisco IOS=12.2\(13b\)m1
Cisco IOS=12.4\(4\)xd3
Cisco IOS=12.4\(9\)t0a
Cisco IOS=12.3\(8\)xx2b
Cisco IOS=12.3\(8\)xx2c
Cisco IOS=12.3\(8\)xx2a
Cisco IOS=12.3\(11\)yl1
Cisco IOS=12.3\(7\)xl
Cisco IOS=12.3\(4\)xh1
Cisco IOS=12.3\(4\)t5
Cisco IOS=12.3\(11\)to3
Cisco IOS=12.3\(11\)zb
Cisco IOS=12.3\(8\)yc2
Cisco IOS=12.3\(8\)t2
Cisco IOS=12.3\(4\)ye1
Cisco IOS=12.3\(4\)ye
Cisco IOS=12.3\(8\)yc3
Cisco IOS=12.3\(8\)yc1
Cisco IOS=12.3\(7\)xr1
Cisco IOS=12.3\(8\)xx2
Cisco IOS=12.3\(8\)yc
Cisco IOS=12.3\(11\)t1
Cisco IOS=12.3\(11\)xl2
Cisco IOS=12.4\(5a\)m0
Cisco IOS=12.3\(11\)zb1
Cisco IOS=12.3\(11\)yl2
Cisco IOS=12.3\(10a\)m0
Cisco IOS=12.2\(15\)zj4
Cisco IOS=12.3\(5a\)b0a

Frequently Asked Questions

  • What is the severity of CVE-2007-2586?

    CVE-2007-2586 is rated as critical due to the potential for remote code execution.

  • How do I fix CVE-2007-2586?

    To fix CVE-2007-2586, update your Cisco IOS to a version that has patched this vulnerability.

  • Which versions of Cisco IOS are affected by CVE-2007-2586?

    CVE-2007-2586 affects Cisco IOS versions from 11.3 through 12.4.

  • Can CVE-2007-2586 lead to unauthorized access?

    Yes, CVE-2007-2586 potentially allows attackers to execute arbitrary commands, which can lead to unauthorized access.

  • Is there a known exploit for CVE-2007-2586?

    Yes, crafted MKD commands have been demonstrated to exploit CVE-2007-2586, allowing remote code execution.
