Search criteria
2 vulnerabilities found for rtx1210 by yamaha
VAR-202004-1827
Vulnerability from variot - Updated: 2023-12-18 12:56Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. For multiple network devices provided by Yamaha Corporation, service operation interruption due to processing of received packets (DoS) (CWE-400) Vulnerability exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Keio University Faculty of Science and Engineering Department of Computer Science Amano Lab Niwa Naoya MrService operation obstruction by a remote third party (DoS) You may be attacked. Yamaha NVR500 and others are products of Yamaha Corporation of Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product.
Denial of service vulnerabilities exist in many Yamaha products. A remote attacker can use this vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1827",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fwx120",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "11.03.27"
},
{
"model": "rtx810",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "11.01.33"
},
{
"model": "rtx1200",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "10.01.76"
},
{
"model": "rtx830",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "15.02.09"
},
{
"model": "nvr500",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "11.00.38"
},
{
"model": "rtx1210",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "14.01.33"
},
{
"model": "rtx3500",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "14.00.26"
},
{
"model": "nvr510",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "15.01.14"
},
{
"model": "rtx5000",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "14.00.26"
},
{
"model": "nvr700w",
"scope": "lte",
"trust": 1.0,
"vendor": "yamaha",
"version": "15.00.15"
},
{
"model": "fwx120",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.03.27"
},
{
"model": "nvr500",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.00.38"
},
{
"model": "nvr510",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.01.14"
},
{
"model": "nvr700w",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.00.15"
},
{
"model": "rtx1200",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.10.01.76"
},
{
"model": "rtx1210",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.01.33"
},
{
"model": "rtx3500",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.00.26"
},
{
"model": "rtx5000",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.14.00.26"
},
{
"model": "rtx810",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.11.01.33"
},
{
"model": "rtx830",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 rev.15.02.09"
},
{
"model": "lte voip router nvr700w \u003c=rev.15.00.15",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit voip router nvr510 \u003c=rev.15.01.14",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit vpn router rtx810 \u003c=rev.11.01.33",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit vpn router rtx830 \u003c=rev.15.02.09",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit vpn router rtx1200 \u003c=rev.10.01.76",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit voip router rtx1210 \u003c=rev.14.01.33",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit voip router rtx3500 \u003c=rev.14.00.26",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "gigabit voip router rtx5000 \u003c=rev.14.00.26",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "broadband voip router nvr500 \u003c=rev.11.00.38",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
},
{
"model": "firewall fwx120 \u003c=rev.11.03.27",
"scope": null,
"trust": 0.6,
"vendor": "yamaha",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx830_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.02.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx830:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:nvr510_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:nvr510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:nvr700w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.00.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:nvr700w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx1210_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.01.33",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx1210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.00.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx3500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.00.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx3500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:fwx120_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.03.27",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:fwx120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx810_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.01.33",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx810:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:nvr500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.00.38",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:nvr500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yamaha:rtx1200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.01.76",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yamaha:rtx1200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5548"
}
]
},
"cve": "CVE-2020-5548",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000021",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-21477",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000021",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5548",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2020-000021",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-21477",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1751",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. For multiple network devices provided by Yamaha Corporation, service operation interruption due to processing of received packets (DoS) (CWE-400) Vulnerability exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Keio University Faculty of Science and Engineering Department of Computer Science Amano Lab Niwa Naoya MrService operation obstruction by a remote third party (DoS) You may be attacked. Yamaha NVR500 and others are products of Yamaha Corporation of Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product. \n\r\n\r\nDenial of service vulnerabilities exist in many Yamaha products. A remote attacker can use this vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "CNVD",
"id": "CNVD-2020-21477"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN38732359",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2020-5548",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-21477",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"id": "VAR-202004-1827",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
}
],
"trust": 1.5511363636363638
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
}
]
},
"last_update_date": "2023-12-18T12:56:03.439000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u300c\u30e4\u30de\u30cf\u88fd\u306e\u8907\u6570\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306b\u304a\u3051\u308b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3 (DoS) \u306e\u8106\u5f31\u6027\u300d\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn38732359.html"
},
{
"title": "Biz Box\u30eb\u30fc\u30bf\u3092\u3054\u5229\u7528\u306e\u304a\u5ba2\u3055\u307e\u3078",
"trust": 0.8,
"url": "https://flets-w.com/solution/kiki_info/info/200331.html"
},
{
"title": "BizBox\u30eb\u30fc\u30bf\u30fb\u30e4\u30de\u30cf\u30eb\u30fc\u30bf\u3092\u3054\u5229\u7528\u306e\u304a\u5ba2\u3055\u307e\u3078",
"trust": 0.8,
"url": "https://web116.jp/ced/support/news/contents/2020/20200331.html"
},
{
"title": "Patch for Multiple Yamaha product denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/212643"
},
{
"title": "Multiple Yamaha Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=115376"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn38732359.html"
},
{
"trust": 1.6,
"url": "https://jvn.jp/en/jp/jvn38732359/index.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5548"
},
{
"trust": 0.8,
"url": "https://jvn.jp/jp/jvn38732359/index.html"
},
{
"trust": 0.6,
"url": "https://jvn.jp/en/jp/jvn38732359/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5548"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"date": "2020-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"date": "2020-04-01T12:15:15.210000",
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"date": "2020-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21477"
},
{
"date": "2020-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000021"
},
{
"date": "2020-04-02T17:25:32.917000",
"db": "NVD",
"id": "CVE-2020-5548"
},
{
"date": "2020-05-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Interfering with service operations on multiple Yamaha network devices (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000021"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1751"
}
],
"trust": 0.6
}
}
VAR-201510-0774
Vulnerability from variot - Updated: 2022-05-17 02:02Multiple router products contain an issue in the protection against clickjacking attacks. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged in, unintended operations may be conducted. Multiple Routers are prone to a clickjacking vulnerability because it fails to perform validity checks on certain user actions through HTTP requests. Successful exploits will allow an attacker to compromise the affected device or obtain sensitive information. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0774",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple venders",
"version": null
},
{
"model": "srt100",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "rtx810",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.1.21"
},
{
"model": "rtx1500",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "rtx1210",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "rtx1200",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "10.1.59"
},
{
"model": "rtv01",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "rt58i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "rt107e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "nvr500",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.0.25"
},
{
"model": "fwx120",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.3.8"
},
{
"model": "infocage",
"scope": "eq",
"trust": 0.3,
"vendor": "nec",
"version": "3.1"
},
{
"model": "rtx810",
"scope": "ne",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.1.25"
},
{
"model": "rtx1200",
"scope": "ne",
"trust": 0.3,
"vendor": "yamaha",
"version": "10.1.65"
},
{
"model": "nvr500",
"scope": "ne",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.0.28"
},
{
"model": "fwx120",
"scope": "ne",
"trust": 0.3,
"vendor": "yamaha",
"version": "11.3.13"
},
{
"model": "infocage",
"scope": "ne",
"trust": 0.3,
"vendor": "nec",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "77386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Noriaki Iwasaki of Cyber Defense Institute",
"sources": [
{
"db": "BID",
"id": "77386"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 2.6,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2015-000172",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2015-000172",
"trust": 0.8,
"value": "Low"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple router products contain an issue in the protection against clickjacking attacks. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged in, unintended operations may be conducted. Multiple Routers are prone to a clickjacking vulnerability because it fails to perform validity checks on certain user actions through HTTP requests. \nSuccessful exploits will allow an attacker to compromise the affected device or obtain sensitive information. Other attacks are also possible",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
},
{
"db": "BID",
"id": "77386"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN48135658",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-000172",
"trust": 0.8
},
{
"db": "BID",
"id": "77386",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "77386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"id": "VAR-201510-0774",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4625
},
"last_update_date": "2022-05-17T02:02:28.205000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Yamaha Corporation website",
"trust": 0.8,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn48135658.html"
},
{
"title": "vulnera_20151127",
"trust": 0.8,
"url": "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20151127.html"
},
{
"title": "Information from Allied Telesis",
"trust": 0.8,
"url": "https://jvn.jp/jp/jvn48135658/522154/index.html"
},
{
"title": "NV15-019",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-019.html"
},
{
"title": " PLANEX COMMUNICATIONS INC. website ",
"trust": 0.8,
"url": "http://www.planex.co.jp/news/info/20151030_info.shtml"
},
{
"title": "I-O DATA DEVICE, INC. website",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2016/clickjacking/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://jvn.jp/en/jp/jvn48135658/index.html"
},
{
"trust": 0.3,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/jvn48135658.html"
},
{
"trust": 0.3,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-019.html"
}
],
"sources": [
{
"db": "BID",
"id": "77386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "77386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-30T00:00:00",
"db": "BID",
"id": "77386"
},
{
"date": "2015-10-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-30T00:00:00",
"db": "BID",
"id": "77386"
},
{
"date": "2016-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "77386"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple routers contain issue in preventing clickjacking attacks",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-000172"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "77386"
}
],
"trust": 0.3
}
}