Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-0524

Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.

Published

2008-01-31T20:00:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-352
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Hardware yamaha rt107e * Yes
Hardware yamaha rt52pro * Yes
Hardware yamaha rt56v * Yes
Hardware yamaha rt57i * Yes
Hardware yamaha rt58i * Yes
Hardware yamaha rt60w * Yes
Hardware yamaha rt80i * Yes
Hardware yamaha rta50i * Yes
Hardware yamaha rta52i * Yes
Hardware yamaha rta54i * Yes
Hardware yamaha rta55i * Yes
Hardware yamaha rtv700 * Yes
Hardware yamaha rtw65b * Yes
Hardware yamaha rtw65i * Yes
Hardware yamaha rtx1000 * Yes
Hardware yamaha rtx1100 * Yes
Hardware yamaha rtx1500 * Yes
Hardware yamaha srt100 * Yes
References