9 matches found
CVE-2021-20843
Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted...
CVE-2021-20844
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive...
CVE-2021-20844
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive...
Cross site scripting
Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted...
Input validation
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive...
CVE-2021-20844
CVE-2021-20844 affects Yamaha routers (RTX830, NVR510, NVR700W, RTX1210) via improper neutralization of HTTP request headers in the Web GUI, allowing a remote authenticated attacker to obtain sensitive information through a crafted page. Affected firmware versions are RTX830 <=15.02.17, NVR510...
CVE-2021-20843
The CVE-2021-20843 affects Yamaha routers (RTX830, NVR510, NVR700W, RTX1210). Root cause: Cross-site script inclusion in the Web GUI that can allow an authenticated user to alter settings via a crafted page. Verified fixes are firmware updates: RTX830 Rev.15.02.20; NVR510 Rev.15.01.21; NVR700W Re...
CVE-2021-20843
Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted...
JVN#38732359: Multiple Yamaha network devices vulnerable to denial-of-service (DoS)
Multiple network devices provided by Yamaha Corporation contain a denial-of-service DoS vulnerability CWE-400 due to an issue in processing received packets. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the firmware Update to the latest version ...