Hayato Doi

**Name of the Vulnerable Software and Affected Versions** Yamaha routers RT57i versions 8.00.95 and earlier Yamaha routers RT58i versions 9.01.51 and earlier Yamaha routers NVR500 versions 11.00.36 and earlier Yamaha routers RTX810 versions 11.01.31 and earlier **Description** The issue allows an administrative user to embed arbitrary scripts into the configuration data through a certain form field of the configuration page. This may result in the execution of these scripts on another administrative user's web browser. **Recommendations** For RT57i versions 8.00.95 and earlier, update to a version later than 8.00.95 to resolve the issue. For RT58i versions 9.01.51 and earlier, update to a version later than 9.01.51 to resolve the issue. For NVR500 versions 11.00.36 and earlier, update to a version later than 11.00.36 to resolve the issue. For RTX810 versions 11.01.31 and earlier, update to a version later than 11.01.31 to resolve the issue.