CVE-2008-0524
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.
Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en la interfaz de administración en múltiples routers de Yamaha RT series. Permite a atacantes remotos cambiar configuraciones de contraseñas y probablemente otros ajustes de configuración como administradores a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-01-31 CVE Reserved
- 2008-01-31 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://jvn.jp/jp/JVN%2388575577/index.html | Third Party Advisory | |
| http://secunia.com/advisories/28690 | Third Party Advisory | |
| http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN88575577.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/27491 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40015 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Yamaha Search vendor "Yamaha" | Rt107e Search vendor "Yamaha" for product "Rt107e" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt52pro Search vendor "Yamaha" for product "Rt52pro" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt56v Search vendor "Yamaha" for product "Rt56v" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt57i Search vendor "Yamaha" for product "Rt57i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt58i Search vendor "Yamaha" for product "Rt58i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt60w Search vendor "Yamaha" for product "Rt60w" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rt80i Search vendor "Yamaha" for product "Rt80i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rta50i Search vendor "Yamaha" for product "Rta50i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rta52i Search vendor "Yamaha" for product "Rta52i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rta54i Search vendor "Yamaha" for product "Rta54i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rta55i Search vendor "Yamaha" for product "Rta55i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtv700 Search vendor "Yamaha" for product "Rtv700" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtw65b Search vendor "Yamaha" for product "Rtw65b" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtw65i Search vendor "Yamaha" for product "Rtw65i" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtx1000 Search vendor "Yamaha" for product "Rtx1000" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtx1100 Search vendor "Yamaha" for product "Rtx1100" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Rtx1500 Search vendor "Yamaha" for product "Rtx1500" | * | - |
Affected
| ||||||
| Yamaha Search vendor "Yamaha" | Srt100 Search vendor "Yamaha" for product "Srt100" | * | - |
Affected
| ||||||