CVE-2013-0717
NEC AtermWR and AtermWM Routers - Cross-Site Request Forgery
Title source: llmDescription
Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_confirm
http://jvn.jp/en/jp/JVN59503133/6443/index.html
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000024
Various Sources x_refsource_confirm
http://jpn.nec.com/security-info/secinfo/nv13-005.html
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN59503133/index.html
Scores
EPSS
0.0098
EPSS Percentile
58.2%
Details
CWE
CWE-352
Status
published
Products (6)
nec/atermwm3450rn
nec/atermwm3600r
nec/atermwr8160n
nec/atermwr8370n
nec/atermwr8600n
nec/atermwr9500n
Published
Mar 19, 2013
Tracked Since
Feb 18, 2026