CVE-2025-58272_CVE-2025-58272

2 / 10

LOW

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Description

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed.

Basic Information

ID CVE-2025-58272

Source jpcert

Published Sep 3, 2025 at 05:28

Affected Product

Vendor NTT EAST, Inc.

Product Web Caster V130

Version 1.08 and earlier

Affected Versions NTT EAST, Inc. Web Caster V130 1.08 and earlier
NTT WEST, Inc. Web Caster V130 1.08 and earlier

CWE Classification

CWE-352

References

{
    "lastseen": "",
    "description": "Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed.",
    "published": "2025-09-03T05:28:00.966Z",
    "modified": "2025-09-03T05:28:00.966Z",
    "type": "cve",
    "title": "CVE-2025-58272",
    "source": "jpcert",
    "references": "https://www.ntt-east.co.jp/info/detail/220903_01.html\nhttps://www.ntt-west.co.jp/info/support/oshirase20250903.html\nhttps://jvn.jp/en/jp/JVN65839588/",
    "id": "CVE-2025-58272",
    "bulletinFamily": "",
    "cwe": [
        "CWE-352"
    ],
    "cvelist": null,
    "sourceData": "NTT EAST, Inc. Web Caster V130 1.08 and earlier\nNTT WEST, Inc. Web Caster V130 1.08 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 2,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Web Caster V130",
    "version": "1.08 and earlier",
    "vendor": "NTT EAST, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}