VYPR
Unrated severityNVD Advisory· Published Jan 9, 2019· Updated Aug 5, 2024

CVE-2018-0665

CVE-2018-0665

Description

Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and earlier, RTX810 Rev.11.01.31 and earlier, allow an administrative user to embed arbitrary scripts to the configuration data through a certain form field of the configuration page, which may be executed on another administrative user's web browser. This is a different vulnerability from CVE-2018-0666.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • Yamaha/NVR500llm-create
    Range: <=11.00.36
  • Yamaha/Rt58illm-fuzzy
    Range: <=9.01.51
  • Yamaha/Rt57illm-fuzzy
    Range: <=8.00.95
  • NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Biz Box Router N58i, and N500v5
    Range: n/a
  • NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION/Biz Box Router N58i, N500, NVR500, and RTX810v5
    Range: n/a
  • Yamaha Corporation/Yamaha Broadband VoIP Router NVR500v5
    Range: Rev.11.00.36 and earlier
  • Yamaha Corporation/Yamaha Broadband VoIP Router RT57iv5
    Range: Rev.8.00.95 and earlier
  • Yamaha Corporation/Yamaha Broadband VoIP Router RT58iv5
    Range: Rev.9.01.51 and earlier
  • Yamaha Corporation/Yamaha Firewall FWX120v5
    Range: Rev.11.03.25 and earlier
  • Yamaha Corporation/Yamaha Gigabit VPN Router RTX810v5
    Range: Rev.11.01.31 and earlier

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.