Vulnerabilities > NTT West

DATE CVE VULNERABILITY TITLE RISK
2021-11-24 CVE-2021-20843 Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products
Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted web page.
network
low complexity
yamaha ntt-west CWE-829
5.4
2021-11-24 CVE-2021-20844 Improper Encoding or Escaping of Output vulnerability in multiple products
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page.
network
low complexity
yamaha ntt-west CWE-116
5.7
2019-09-12 CVE-2019-5986 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
network
low complexity
ntt-east ntt-west CWE-352
8.8
2019-09-12 CVE-2019-5985 Cross-site Scripting vulnerability in multiple products
Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
network
low complexity
ntt-east ntt-west CWE-79
6.1
2019-01-09 CVE-2018-16177 Uncontrolled Search Path Element vulnerability in Ntt-West Fall Creators Update
Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt-west CWE-427
7.8
2016-07-03 CVE-2016-1228 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users.
network
low complexity
ntt-west ntt-east CWE-352
8.8
2016-07-03 CVE-2016-1227 NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
network
low complexity
ntt-east ntt-west
7.2