9 matches found
CVE-2024-47044
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device...
CVE-2019-5986
Cross-site request forgery CSRF vulnerability in Hikari Denwa router/Home GateWay Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version...
CVE-2016-1228
Cross-site request forgery CSRF vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the...
CVE-2016-1227
NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the...
Multiple NTT Hikari Denwa Products Cross-Site Request Forgery Vulnerabilities
The NTT Hikari Denwa PR-400MI, RV-440MI and RT-400MI are all router products from Nippon Telegraph and Telephone NTT. A cross-site request forgery vulnerability exists in multiple NTT Hikari Denwa products. An attacker could exploit this vulnerability to perform unauthorized operations...
Multiple Hikari Denwa routers vulnerable to cross-site request forgery
Overview Multiple Hikari Denwa routers contain a cross-site request forgery vulnerability CWE-352. Ryoya Tsukasaki of Urawa Commercial High School reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user...
Multiple Hikari Denwa routers vulnerable to OS command injection
Overview Multiple Hikari Denwa routers contain an OS command injection vulnerability CWE-78. Ryoya Tsukasaki of Urawa Commercial High School reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary OS...
JVN#77403442: Multiple Hikari Denwa routers vulnerable to OS command injection
Multiple Hikari Denwa routers contain an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed on the product by a logged-in attacker. Solution Update the Firmware Apply the appropriate firmware update provided by the developer. Products Affected NIPPON TELEGRA...