CVE-2013-0717

NEC AtermWR and AtermWM Routers - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.

References (4)

Core 4
Core References
Third Party Advisory x_refsource_confirm
http://jvn.jp/en/jp/JVN59503133/6443/index.html
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000024
Various Sources x_refsource_confirm
http://jpn.nec.com/security-info/secinfo/nv13-005.html
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN59503133/index.html

Scores

EPSS 0.0098
EPSS Percentile 58.2%

Details

CWE
CWE-352
Status published
Products (6)
nec/atermwm3450rn
nec/atermwm3600r
nec/atermwr8160n
nec/atermwr8370n
nec/atermwr8600n
nec/atermwr9500n
Published Mar 19, 2013
Tracked Since Feb 18, 2026