Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for rtx1210 by yamaha

    VAR-202004-1827

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. For multiple network devices provided by Yamaha Corporation, service operation interruption due to processing of received packets (DoS) (CWE-400) Vulnerability exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Keio University Faculty of Science and Engineering Department of Computer Science Amano Lab Niwa Naoya MrService operation obstruction by a remote third party (DoS) You may be attacked. Yamaha NVR500 and others are products of Yamaha Corporation of Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product.

    Denial of service vulnerabilities exist in many Yamaha products. A remote attacker can use this vulnerability to cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1827",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rtx5000",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "14.00.26"
          },
          {
            "model": "nvr510",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "15.01.14"
          },
          {
            "model": "rtx1200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "10.01.76"
          },
          {
            "model": "nvr700w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "15.00.15"
          },
          {
            "model": "fwx120",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "11.03.27"
          },
          {
            "model": "rtx3500",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "14.00.26"
          },
          {
            "model": "rtx830",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "15.02.09"
          },
          {
            "model": "rtx810",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "11.01.33"
          },
          {
            "model": "nvr500",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "11.00.38"
          },
          {
            "model": "rtx1210",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "yamaha",
            "version": "14.01.33"
          },
          {
            "model": "fwx120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.03.27"
          },
          {
            "model": "nvr500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.00.38"
          },
          {
            "model": "nvr510",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.01.14"
          },
          {
            "model": "nvr700w",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.00.15"
          },
          {
            "model": "rtx1200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.10.01.76"
          },
          {
            "model": "rtx1210",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.01.33"
          },
          {
            "model": "rtx3500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.00.26"
          },
          {
            "model": "rtx5000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.00.26"
          },
          {
            "model": "rtx810",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.01.33"
          },
          {
            "model": "rtx830",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "yamaha",
            "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.02.09"
          },
          {
            "model": "lte voip router nvr700w \u003c=rev.15.00.15",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit voip router nvr510 \u003c=rev.15.01.14",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit vpn router rtx810 \u003c=rev.11.01.33",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit vpn router rtx830 \u003c=rev.15.02.09",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit vpn router rtx1200 \u003c=rev.10.01.76",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit voip router rtx1210 \u003c=rev.14.01.33",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit voip router rtx3500 \u003c=rev.14.00.26",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "gigabit voip router rtx5000 \u003c=rev.14.00.26",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "broadband voip router nvr500 \u003c=rev.11.00.38",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "firewall fwx120 \u003c=rev.11.03.27",
            "scope": null,
            "trust": 0.6,
            "vendor": "yamaha",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:yamaha:fwx120",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:yamaha:nvr500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:NVR510",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:NVR700W",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx1200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:RTX1210",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:RTX3500",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:RTX5000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:yamaha:rtx810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:RTX830",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          }
        ]
      },
      "cve": "CVE-2020-5548",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-5548",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "Complete",
                "baseScore": 7.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-000021",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-21477",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-5548",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "IPA",
                "availabilityImpact": "High",
                "baseScore": 5.9,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-000021",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-5548",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2020-000021",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-21477",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1751",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. For multiple network devices provided by Yamaha Corporation, service operation interruption due to processing of received packets (DoS) (CWE-400) Vulnerability exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Keio University Faculty of Science and Engineering Department of Computer Science Amano Lab Niwa Naoya MrService operation obstruction by a remote third party (DoS) You may be attacked. Yamaha NVR500 and others are products of Yamaha Corporation of Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product. \n\r\n\r\nDenial of service vulnerabilities exist in many Yamaha products. A remote attacker can use this vulnerability to cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "JVN",
            "id": "JVN38732359",
            "trust": 3.0
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "id": "VAR-202004-1827",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          }
        ],
        "trust": 1.5511363636363638
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:24.625000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u300c\u30e4\u30de\u30cf\u88fd\u306e\u8907\u6570\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306b\u304a\u3051\u308b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3 (DoS) \u306e\u8106\u5f31\u6027\u300d\u306b\u3064\u3044\u3066 ",
            "trust": 0.8,
            "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN38732359.html"
          },
          {
            "title": "Biz Box\u30eb\u30fc\u30bf\u3092\u3054\u5229\u7528\u306e\u304a\u5ba2\u3055\u307e\u3078",
            "trust": 0.8,
            "url": "https://flets-w.com/solution/kiki_info/info/200331.html"
          },
          {
            "title": "BizBox\u30eb\u30fc\u30bf\u30fb\u30e4\u30de\u30cf\u30eb\u30fc\u30bf\u3092\u3054\u5229\u7528\u306e\u304a\u5ba2\u3055\u307e\u3078",
            "trust": 0.8,
            "url": "https://web116.jp/ced/support/news/contents/2020/20200331.html"
          },
          {
            "title": "Patch for Multiple Yamaha product denial of service vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/212643"
          },
          {
            "title": "Multiple Yamaha Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115376"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://jvn.jp/en/jp/jvn38732359/index.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn38732359.html"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5548"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/jp/jvn38732359/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://jvn.jp/en/jp/jvn38732359/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-5548"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "date": "2020-03-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "date": "2020-03-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "date": "2020-04-01T12:15:15.210000",
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21477"
          },
          {
            "date": "2020-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          },
          {
            "date": "2024-11-21T05:34:15.293000",
            "db": "NVD",
            "id": "CVE-2020-5548"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Interfering with service operations on multiple Yamaha network devices  (DoS) Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-000021"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1751"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201510-0774

    Vulnerability from variot - Updated: 2022-05-17 02:02

    Multiple router products contain an issue in the protection against clickjacking attacks. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged in, unintended operations may be conducted. Multiple Routers are prone to a clickjacking vulnerability because it fails to perform validity checks on certain user actions through HTTP requests. Successful exploits will allow an attacker to compromise the affected device or obtain sensitive information. Other attacks are also possible

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201510-0774",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple venders",
            "version": null
          },
          {
            "model": "srt100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "model": "rtx810",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.1.21"
          },
          {
            "model": "rtx1500",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "model": "rtx1210",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "model": "rtx1200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "10.1.59"
          },
          {
            "model": "rtv01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "model": "rt58i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "model": "rt107e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "model": "nvr500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.0.25"
          },
          {
            "model": "fwx120",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.3.8"
          },
          {
            "model": "infocage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nec",
            "version": "3.1"
          },
          {
            "model": "rtx810",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.1.25"
          },
          {
            "model": "rtx1200",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "10.1.65"
          },
          {
            "model": "nvr500",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.0.28"
          },
          {
            "model": "fwx120",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "11.3.13"
          },
          {
            "model": "infocage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "nec",
            "version": "5.1"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Noriaki Iwasaki of Cyber Defense Institute",
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          }
        ],
        "trust": 0.3
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 2.6,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2015-000172",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "IPA",
                "id": "JVNDB-2015-000172",
                "trust": 0.8,
                "value": "Low"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple router products contain an issue in the protection against clickjacking attacks. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged in, unintended operations may be conducted. Multiple Routers are prone to a clickjacking vulnerability because it fails to perform validity checks on certain user actions through HTTP requests. \nSuccessful exploits will allow an attacker to compromise the affected device or obtain sensitive information. Other attacks are also possible",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          },
          {
            "db": "BID",
            "id": "77386"
          }
        ],
        "trust": 0.99
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "JVN",
            "id": "JVN48135658",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "77386",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "id": "VAR-201510-0774",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4625
      },
      "last_update_date": "2022-05-17T02:02:28.205000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Yamaha Corporation website",
            "trust": 0.8,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn48135658.html"
          },
          {
            "title": "vulnera_20151127",
            "trust": 0.8,
            "url": "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20151127.html"
          },
          {
            "title": "Information from Allied Telesis",
            "trust": 0.8,
            "url": "https://jvn.jp/jp/jvn48135658/522154/index.html"
          },
          {
            "title": "NV15-019",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv15-019.html"
          },
          {
            "title": " PLANEX COMMUNICATIONS INC. website ",
            "trust": 0.8,
            "url": "http://www.planex.co.jp/news/info/20151030_info.shtml"
          },
          {
            "title": "I-O DATA DEVICE, INC. website",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2016/clickjacking/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.1,
            "url": "http://jvn.jp/en/jp/jvn48135658/index.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn48135658.html"
          },
          {
            "trust": 0.3,
            "url": "http://jpn.nec.com/security-info/secinfo/nv15-019.html"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "77386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-10-30T00:00:00",
            "db": "BID",
            "id": "77386"
          },
          {
            "date": "2015-10-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-10-30T00:00:00",
            "db": "BID",
            "id": "77386"
          },
          {
            "date": "2016-02-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple routers contain issue in preventing clickjacking attacks",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-000172"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Design Error",
        "sources": [
          {
            "db": "BID",
            "id": "77386"
          }
        ],
        "trust": 0.3
      }
    }