cpe:/h:centurysys:xr-1100:1.6.2 cpe:/h:centurysys:xr-410:1.6.8 cpe:/h:centurysys:xr-410-l2:1.6.1 cpe:/h:centurysys:xr-440:1.7.7 cpe:/h:centurysys:xr-510:3.5.0 cpe:/h:centurysys:xr-540:3.5.2 cpe:/h:centurysys:xr-640:1.6.7 cpe:/h:centurysys:xr-640-l2:1.6.1 cpe:/h:centurysys:xr-730:3.5.0 CVE-2008-6449 2009-03-09T10:30:00.390-04:00 2017-08-16T21:29:18.613-04:00 4.0 NETWORK HIGH NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2009-03-10T10:04:00.000-04:00 SECUNIA 31173 JVN JVN#67573833 JVNDB JVNDB-2008-000042 XF centurysystems-router-webinterface-csrf(43949) CONFIRM http://www.centurysys.co.jp/support/xr_common/JVN67573833.html Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to XR-730 allows remote attackers to modify configuration as the administrator via unknown vectors.