Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted web page.
2021-11-24T16:15:13.230
2024-11-21T05:47:15.970
Modified
CVSSv3.1: 5.4 (MEDIUM)
AV:N/AC:M/Au:S/C:N/I:P/A:N
6.8
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | yamaha | rtx830_firmware | ≤ 15.02.17 | Yes |
| Hardware | yamaha | rtx830 | - | No |
| Operating System | yamaha | nvr510_firmware | ≤ 15.01.18 | Yes |
| Hardware | yamaha | nvr510 | - | No |
| Operating System | yamaha | nvr700w_firmware | ≤ 15.00.19 | Yes |
| Hardware | yamaha | nvr700w | - | No |
| Operating System | yamaha | rtx1210_firmware | ≤ 14.01.38 | Yes |
| Hardware | yamaha | rtx1210 | - | No |
| Operating System | ntt-west | biz_box_rtx830_firmware | ≤ 15.02.17 | Yes |
| Hardware | ntt-west | biz_box_rtx830 | - | No |
| Operating System | ntt-west | biz_box_nvr510_firmware | < 15.01.18 | Yes |
| Hardware | ntt-west | biz_box_nvr510 | - | No |
| Operating System | ntt-west | biz_box_nvr700w_firmware | ≤ 15.00.19 | Yes |
| Hardware | ntt-west | biz_box_nvr700w | - | No |
| Operating System | ntt-west | biz_box_rtx1210_firmware | ≤ 14.01.38 | Yes |
| Hardware | ntt-west | biz_box_rtx1210 | - | No |