CVE-2021-20844
N/A
N/A
Summary
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Yamaha Corporation | RTX830, NVR510, NVR700W, RTX1210 | RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, RTX1210 Rev.14.01.38 and earlier | affected |
Weaknesses
- Improper Neutralization of HTTP Headers for Scripting Syntax
ADP Enrichment
CVE Program Container
Additional References
- https://www.ntt-west.co.jp/smb/kiki_info/info/211109.html
- https://business.ntt-east.co.jp/topics/2021/11_09.html
- http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVNVU91161784.html
- https://jvn.jp/en/vu/JVNVU91161784/index.html
References
- https://www.ntt-west.co.jp/smb/kiki_info/info/211109.html
- https://business.ntt-east.co.jp/topics/2021/11_09.html
- http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVNVU91161784.html
- https://jvn.jp/en/vu/JVNVU91161784/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.