CVE-2008-0524

EPSS 0.29%
Veröffentlicht 31.01.2008 20:00:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Yamaha ≫ Rt107e

Yamaha ≫ Rt52pro

Yamaha ≫ Rt56v

Yamaha ≫ Rt57i

Yamaha ≫ Rt58i

Yamaha ≫ Rt60w

Yamaha ≫ Rt80i

Yamaha ≫ Rta50i

Yamaha ≫ Rta52i

Yamaha ≫ Rta54i

Yamaha ≫ Rta55i

Yamaha ≫ Rtv700

Yamaha ≫ Rtw65b

Yamaha ≫ Rtw65i

Yamaha ≫ Rtx1000

Yamaha ≫ Rtx1100

Yamaha ≫ Rtx1500

Yamaha ≫ Srt100

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.491

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

http://jvn.jp/jp/JVN%2388575577/index.html

http://secunia.com/advisories/28690

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html

http://www.securityfocus.com/bid/27491

https://exchange.xforce.ibmcloud.com/vulnerabilities/40015

https://nvd.nist.gov/vuln/detail/CVE-2008-0524

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0524

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0524

EUVD