MEDIUM🇬🇧 English

CVE-2008-6449

CVSS 4.0v2.0pub. 2009-03-09upd. 2026-04-23

Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to XR-730 allows remote attackers to modify configuration as the administrator via unknown vectors.

oryginał EN
CVSS Vector
AV:N/AC:H/Au:N/C:N/I:P/A:P
  • Centurysys Xr 1100

    HW
    Centurysys
    ≤ 1.6.2
  • Centurysys Xr 410

    HW
    Centurysys
    ≤ 1.6.8
  • Centurysys Xr 410 L2

    HW
    Centurysys
    ≤ 1.6.1
  • Centurysys Xr 440

    HW
    Centurysys
    ≤ 1.7.7
  • Centurysys Xr 510

    HW
    Centurysys
    ≤ 3.5.0
  • Centurysys Xr 540

    HW
    Centurysys
    ≤ 3.5.2
  • Centurysys Xr 640

    HW
    Centurysys
    ≤ 1.6.7
  • Centurysys Xr 640 L2

    HW
    Centurysys
    ≤ 1.6.1
  • Centurysys Xr 730

    HW
    Centurysys
    ≤ 3.5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-31070CRITICAL9.1PL ✓ten sam vendor

Auth Bypass w FutureNet NXR/VXR/WXR — nieograniczony dostęp do usługi Telnet

CVE-2024-36491CRITICAL9.8PL ✓ten sam vendor

Command Injection w urządzeniach FutureNet NXR/VXR/WXR (Century Systems)

CVE-2024-36475HIGH8.8ten sam vendor

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug ...