CVE-2021-20844

Summary

Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page.

Affected Software

VendorProductVersion RangeStatus
Yamaha CorporationRTX830, NVR510, NVR700W, RTX1210RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, RTX1210 Rev.14.01.38 and earlieraffected

Weaknesses

  • Improper Neutralization of HTTP Headers for Scripting Syntax

ADP Enrichment

CVE Program Container

Additional References

References