Vendor

Yamaha

Products

CVEs

Across products

618

Status

Private

Products

Rt100i
67 CVEs
Rt200i
66 CVEs
Rt102i
50 CVEs
Rt80i
36 CVEs
Rt300i
26 CVEs
Rtx1000
25 CVEs
Rt103i
24 CVEs
Rtx1100
23 CVEs
Rtx2000
19 CVEs
Rta50i
18 CVEs
Rt140e
17 CVEs
Rt140f
17 CVEs
Rt140i
17 CVEs
Rt140p
17 CVEs
Rt57i
17 CVEs
Rtv700
17 CVEs
Rt105e
14 CVEs
Rt105i
14 CVEs
Rt105p
14 CVEs
Srt100
14 CVEs
Rt250i
12 CVEs
Rtx3000
12 CVEs
Rt58i
11 CVEs
Rt56v
9 CVEs
Rta52i
9 CVEs
Rt107e
8 CVEs
Rtx1500
8 CVEs
Rta55i
7 CVEs
Rta54i
6 CVEs
Rt60w
4 CVEs
+ 10 more — see CVE list below for full coverage.

Recent CVEs

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2008-2173	Hig	0.49	7.5	0.01	May 13, 2008	Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
CVE-2005-0356		0.10	—	0.82	May 31, 2005	Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVE-1999-0946		0.03	—	0.06	Nov 2, 1999	Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
CVE-2013-7310		0.00	—	0.01	Jan 23, 2014	The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
CVE-2011-1323		0.00	—	0.01	May 9, 2011	Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X series routers with firmware 6.x through 10.x, do not properly handle IP header options, which allows remote attackers to cause a denial of service (device reboot) via a crafted option that triggers access to an invalid memory location.
CVE-2008-0524		0.00	—	0.00	Jan 31, 2008	Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.