Vulnerability CVE-2008-0524


Published: 2008-01-31   Modified: 2012-02-12

Description:
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Yamaha -> Rtx1100 
Yamaha -> Rtx1500 
Yamaha -> Rt107e 
Yamaha -> Srt100 
Yamaha -> Rt52pro 
Yamaha -> Rt56v 
Yamaha -> Rt57i 
Yamaha -> Rt58i 
Yamaha -> Rt60w 
Yamaha -> Rt80i 
Yamaha -> Rta50i 
Yamaha -> Rta52i 
Yamaha -> Rta54i 
Yamaha -> Rta55i 
Yamaha -> Rtv700 
Yamaha -> Rtw65b 
Yamaha -> Rtw65i 
Yamaha -> Rtx1000 

 References:
http://jvn.jp/jp/JVN%2388575577/index.html
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html
http://www.securityfocus.com/bid/27491
https://exchange.xforce.ibmcloud.com/vulnerabilities/40015

Copyright 2024, cxsecurity.com

 

Back to Top