Manabu Kobayashi

**Name of the Vulnerable Software and Affected Versions** FS010W versions prior to V1.3.0 **Description** A cross-site scripting issue allows an attacker to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For versions prior to V1.3.0, update to a version later than V1.3.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FS010W firmware versions prior to FS010W 00 V1.3.0 **Description** A cross-site request forgery (CSRF) issue allows an attacker to hijack the authentication of administrators via unspecified vectors. **Recommendations** For versions prior to FS010W 00 V1.3.0, update to a version later than FS010W 00 V1.3.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WMR-433 firmware versions 1.02 and earlier WMR-433W firmware versions 1.40 and earlier **Description** A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators. The attack vector is not specified. **Recommendations** For WMR-433 firmware versions 1.02 and earlier, update to a version later than 1.02 to resolve the issue. For WMR-433W firmware versions 1.40 and earlier, update to a version later than 1.40 to resolve the issue. As a temporary workaround, consider restricting access to the administrative interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WMR-433 firmware versions 1.02 and earlier WMR-433W firmware versions 1.40 and earlier **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For WMR-433 firmware versions 1.02 and earlier, update to a version later than 1.02 to resolve the issue. For WMR-433W firmware versions 1.40 and earlier, update to a version later than 1.40 to resolve the issue.