CVE-2008-6449
NONE EPSS 43.9%
Published Mar 9, 200917y ago · Modified Jun 16, 20262w ago
Published Mar 9, 2009 17y ago
Last Modified Jun 16, 2026 2w ago
Description
Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to XR-730 allows remote attackers to modify configuration as the administrator via unknown vectors.
Threat Intelligence
EPSS Exploit Probability
43.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-352 Cross-Site Request Forgery (CSRF) Authentication
Affected Products 9
| Vendor | Product | Version | Range |
|---|---|---|---|
| centurysys | xr-1100 | * | ≤1.6.2 |
| centurysys | xr-410 | * | ≤1.6.8 |
| centurysys | xr-410-l2 | * | ≤1.6.1 |
| centurysys | xr-440 | * | ≤1.7.7 |
| centurysys | xr-510 | * | ≤3.5.0 |
| centurysys | xr-540 | * | ≤3.5.2 |
| centurysys | xr-640 | * | ≤1.6.7 |
| centurysys | xr-640-l2 | * | ≤1.6.1 |
| centurysys | xr-730 | * | ≤3.5.0 |
References 5
- jvn.jp http://jvn.jp/en/jp/JVN67573833/index.html
- jvndb.jvn.jp http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000042.html
- secunia.com http://secunia.com/advisories/31173
- centurysys.co.jp http://www.centurysys.co.jp/support/xr_common/JVN67573833.html
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/43949
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.