Unrated severityNVD Advisory· Published Jan 9, 2019· Updated Aug 5, 2024
CVE-2018-0665
CVE-2018-0665
Description
Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and earlier, RTX810 Rev.11.01.31 and earlier, allow an administrative user to embed arbitrary scripts to the configuration data through a certain form field of the configuration page, which may be executed on another administrative user's web browser. This is a different vulnerability from CVE-2018-0666.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Biz Box Router N58i, and N500v5Range: n/a
- NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION/Biz Box Router N58i, N500, NVR500, and RTX810v5Range: n/a
- Yamaha Corporation/Yamaha Broadband VoIP Router NVR500v5Range: Rev.11.00.36 and earlier
- Yamaha Corporation/Yamaha Broadband VoIP Router RT57iv5Range: Rev.8.00.95 and earlier
- Yamaha Corporation/Yamaha Broadband VoIP Router RT58iv5Range: Rev.9.01.51 and earlier
- Yamaha Corporation/Yamaha Firewall FWX120v5Range: Rev.11.03.25 and earlier
- Yamaha Corporation/Yamaha Gigabit VPN Router RTX810v5Range: Rev.11.01.31 and earlier
Patches
Vulnerability mechanics
References
4- jvn.jp/en/jp/JVN69967692/index.htmlmitrethird-party-advisoryx_refsource_JVN
- www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN69967692.htmlmitrex_refsource_MISC
- flets-w.com/solution/kiki_info/info/180829.htmlmitrex_refsource_MISC
- web116.jp/ced/support/news/contents/2018/20180829b.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.