{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T20:57:07.338","vulnerabilities":[{"cve":{"id":"CVE-2021-20843","sourceIdentifier":"vultures@jpcert.or.jp","published":"2021-11-24T16:15:13.230","lastModified":"2024-11-21T05:47:15.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted web page."},{"lang":"es","value":"Una vulnerabilidad de inclusión de scripts en la interfaz gráfica de usuario de RTX830 Rev.15.02.17 y anteriores, NVR510 Rev.15.01.18 y anteriores, NVR700W Rev.15.00.19 y anteriores, y RTX1210 Rev.14.01.38 y anteriores, permite a un atacante remoto autenticado alterar la configuración del producto por medio de una página web especialmente diseñada"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-829"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yamaha:rtx830_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.02.17","matchCriteriaId":"FA148A58-912E-448A-97B4-056F2EFE30B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yamaha:rtx830:-:*:*:*:*:*:*:*","matchCriteriaId":"C585EA2A-C2E0-406E-A785-668C2D8C5D64"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yamaha:nvr510_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.01.18","matchCriteriaId":"DF01C565-EF7D-46C9-9B5C-C6F97F059DA6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yamaha:nvr510:-:*:*:*:*:*:*:*","matchCriteriaId":"1F29115C-CBD1-4648-A7BB-616DB70231FD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yamaha:nvr700w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.00.19","matchCriteriaId":"6679812C-0DC7-408E-8387-35BC4948063D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yamaha:nvr700w:-:*:*:*:*:*:*:*","matchCriteriaId":"DF384051-AFEF-4CCD-BC7A-866EC2B87FFA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yamaha:rtx1210_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"14.01.38","matchCriteriaId":"742F40F8-41DC-4E31-8C98-A46015A984B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yamaha:rtx1210:-:*:*:*:*:*:*:*","matchCriteriaId":"38ABD757-E916-4DD3-B491-E37EEDEB601C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ntt-west:biz_box_rtx830_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.02.17","matchCriteriaId":"F5CADF05-D820-4923-90E8-C7A96DFCBA54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ntt-west:biz_box_rtx830:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFEFB4A-C552-4649-B59F-6FB10A79DA84"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ntt-west:biz_box_nvr510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"15.01.18","matchCriteriaId":"23D4489C-5BAB-42DF-B5EA-7833527F4A24"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ntt-west:biz_box_nvr510:-:*:*:*:*:*:*:*","matchCriteriaId":"D8659F51-B97F-49BB-9D78-AB9D4DFB9FB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ntt-west:biz_box_nvr700w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.00.19","matchCriteriaId":"221F5AFD-8DE5-44D0-8532-AE5895369759"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ntt-west:biz_box_nvr700w:-:*:*:*:*:*:*:*","matchCriteriaId":"399DC40A-66AE-4B23-83BD-E7CBDD093415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ntt-west:biz_box_rtx1210_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"14.01.38","matchCriteriaId":"60517A56-D41C-4931-BBA7-A1AA6058CCC1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ntt-west:biz_box_rtx1210:-:*:*:*:*:*:*:*","matchCriteriaId":"DC9E8F0E-8006-4474-9700-3DCAC5A40278"}]}]}],"references":[{"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVNVU91161784.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"https://business.ntt-east.co.jp/topics/2021/11_09.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU91161784/index.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Third Party Advisory"]},{"url":"https://www.ntt-west.co.jp/smb/kiki_info/info/211109.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVNVU91161784.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]},{"url":"https://business.ntt-east.co.jp/topics/2021/11_09.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU91161784/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]},{"url":"https://www.ntt-west.co.jp/smb/kiki_info/info/211109.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}