CVE-2025-58272

Summary

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed.

Affected Software

VendorProductVersion RangeStatus
NTT EAST, Inc.Web Caster V1301.08 and earlieraffected
NTT WEST, Inc.Web Caster V1301.08 and earlieraffected

Weaknesses

  • CWE-352: Cross-site request forgery (CSRF)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References