said by »tools.cisco.com/security ··· Id=37946 : To exploit this vulnerability, an attacker may need access to trusted, internal networks behind a firewall to send crafted XML requests to the targeted device. This access requirement may reduce the likelihood of a successful exploit.
Not that difficult to pull off with a
DNS Rebinding attack, or even with a relatively simple CSRF attack, perhaps coupled with a targeted malicious email.