Vulnerabilites related to yamaha - rt52pro
CVE-2008-0524 (GCVE-0-2008-0524)
Vulnerability from cvelistv5
Published
2008-01-31 19:30
Modified
2024-08-07 07:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html"
},
{
"name": "28690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28690"
},
{
"name": "27491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27491"
},
{
"name": "yamaha-routers-http-csrf(40015)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015"
},
{
"name": "JVN#88575577",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2388575577/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html"
},
{
"name": "28690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28690"
},
{
"name": "27491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27491"
},
{
"name": "yamaha-routers-http-csrf(40015)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015"
},
{
"name": "JVN#88575577",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2388575577/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0524",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html",
"refsource": "CONFIRM",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html"
},
{
"name": "28690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28690"
},
{
"name": "27491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27491"
},
{
"name": "yamaha-routers-http-csrf(40015)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015"
},
{
"name": "JVN#88575577",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2388575577/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0524",
"datePublished": "2008-01-31T19:30:00",
"dateReserved": "2008-01-31T00:00:00",
"dateUpdated": "2024-08-07T07:46:55.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-01-31 20:00
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| yamaha | rt107e | * | |
| yamaha | rt52pro | * | |
| yamaha | rt56v | * | |
| yamaha | rt57i | * | |
| yamaha | rt58i | * | |
| yamaha | rt60w | * | |
| yamaha | rt80i | * | |
| yamaha | rta50i | * | |
| yamaha | rta52i | * | |
| yamaha | rta54i | * | |
| yamaha | rta55i | * | |
| yamaha | rtv700 | * | |
| yamaha | rtw65b | * | |
| yamaha | rtw65i | * | |
| yamaha | rtx1000 | * | |
| yamaha | rtx1100 | * | |
| yamaha | rtx1500 | * | |
| yamaha | srt100 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yamaha:rt107e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "425CDF9A-F6CB-46A0-9820-D3FDDF189E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt52pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3265767-161D-4713-BFF2-75E8A8A50A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt56v:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC8D1C0-6AF5-43E2-A249-0668541DE24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt57i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E34B7C2B-399B-4892-B715-8ACA3C2FCD39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt58i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D07F7B-638C-441A-B2FD-F1555CD4D16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt60w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EEB41E-F757-49C4-9667-E35BE83308E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rt80i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E169527-2124-4A1D-84BB-0CAE4A2E380A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rta50i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B69B9D13-5F18-4746-8659-FDE58C262912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rta52i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7D2A85-18A7-42F9-A057-F61A57404943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rta54i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEBCB69-D290-49FF-B800-91D7C53EFECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rta55i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9517A29-D59B-4C6B-8BD5-2F856D91CE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtv700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF5618-F041-43F9-B225-ADEAE8379C3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtw65b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2749A0C6-E134-4412-947F-FBEC20F96F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtw65i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92BE52D4-DE4B-477A-84E7-C875C62EC675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtx1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83831044-089B-4BA9-965C-7A5B2CBBACB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtx1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52AA01AA-C220-411B-8F96-77FE54EFFAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:rtx1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C6BB5-8BA2-475C-86FA-69B33BF7B3E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:yamaha:srt100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECD5B3A4-A120-4DD3-8F66-FA298F7377A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en la interfaz de administraci\u00f3n en m\u00faltiples routers de Yamaha RT series. Permite a atacantes remotos cambiar configuraciones de contrase\u00f1as y probablemente otros ajustes de configuraci\u00f3n como administradores a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-0524",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-01-31T20:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2388575577/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28690"
},
{
"source": "cve@mitre.org",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27491"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2388575577/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}