cve/2007/CVE-2007-2586.md

### [CVE-2007-2586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2586)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/alt3kx/alt3kx.github.io
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2007-2586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2586)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/alt3kx/alt3kx.github.io`