{ "id": "CVE-2008-0524", "sourceIdentifier": "cve@mitre.org", "published": "2008-01-31T20:00:00.000", "lastModified": "2024-11-21T00:42:18.430", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en la interfaz de administraci\u00f3n en m\u00faltiples routers de Yamaha RT series. Permite a atacantes remotos cambiar configuraciones de contrase\u00f1as y probablemente otros ajustes de configuraci\u00f3n como administradores a trav\u00e9s de vectores no especificados." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-352" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt107e:*:*:*:*:*:*:*:*", "matchCriteriaId": "425CDF9A-F6CB-46A0-9820-D3FDDF189E9F" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt52pro:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3265767-161D-4713-BFF2-75E8A8A50A71" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt56v:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AC8D1C0-6AF5-43E2-A249-0668541DE24A" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt57i:*:*:*:*:*:*:*:*", "matchCriteriaId": "E34B7C2B-399B-4892-B715-8ACA3C2FCD39" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt58i:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4D07F7B-638C-441A-B2FD-F1555CD4D16F" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt60w:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0EEB41E-F757-49C4-9667-E35BE83308E4" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rt80i:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E169527-2124-4A1D-84BB-0CAE4A2E380A" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rta50i:*:*:*:*:*:*:*:*", "matchCriteriaId": "B69B9D13-5F18-4746-8659-FDE58C262912" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rta52i:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E7D2A85-18A7-42F9-A057-F61A57404943" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rta54i:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAEBCB69-D290-49FF-B800-91D7C53EFECE" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rta55i:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9517A29-D59B-4C6B-8BD5-2F856D91CE79" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtv700:*:*:*:*:*:*:*:*", "matchCriteriaId": "51AF5618-F041-43F9-B225-ADEAE8379C3E" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtw65b:*:*:*:*:*:*:*:*", "matchCriteriaId": "2749A0C6-E134-4412-947F-FBEC20F96F10" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtw65i:*:*:*:*:*:*:*:*", "matchCriteriaId": "92BE52D4-DE4B-477A-84E7-C875C62EC675" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtx1000:*:*:*:*:*:*:*:*", "matchCriteriaId": "83831044-089B-4BA9-965C-7A5B2CBBACB7" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtx1100:*:*:*:*:*:*:*:*", "matchCriteriaId": "52AA01AA-C220-411B-8F96-77FE54EFFAF6" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:rtx1500:*:*:*:*:*:*:*:*", "matchCriteriaId": "B03C6BB5-8BA2-475C-86FA-69B33BF7B3E6" }, { "vulnerable": true, "criteria": "cpe:2.3:h:yamaha:srt100:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECD5B3A4-A120-4DD3-8F66-FA298F7377A8" } ] } ] } ], "references": [ { "url": "http://jvn.jp/jp/JVN%2388575577/index.html", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/28690", "source": "cve@mitre.org" }, { "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/27491", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015", "source": "cve@mitre.org" }, { "url": "http://jvn.jp/jp/JVN%2388575577/index.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/28690", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/27491", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40015", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }