CVE-2008-0524

EPSS 0.29%
Published 31.01.2008 20:00:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Yamaha ≫ Rt107e

Yamaha ≫ Rt52pro

Yamaha ≫ Rt56v

Yamaha ≫ Rt57i

Yamaha ≫ Rt58i

Yamaha ≫ Rt60w

Yamaha ≫ Rt80i

Yamaha ≫ Rta50i

Yamaha ≫ Rta52i

Yamaha ≫ Rta54i

Yamaha ≫ Rta55i

Yamaha ≫ Rtv700

Yamaha ≫ Rtw65b

Yamaha ≫ Rtw65i

Yamaha ≫ Rtx1000

Yamaha ≫ Rtx1100

Yamaha ≫ Rtx1500

Yamaha ≫ Srt100

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.29%	0.491

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

http://jvn.jp/jp/JVN%2388575577/index.html

http://secunia.com/advisories/28690

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html

http://www.securityfocus.com/bid/27491

https://exchange.xforce.ibmcloud.com/vulnerabilities/40015

https://nvd.nist.gov/vuln/detail/CVE-2008-0524

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0524

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0524

EUVD