CVE-2025-58272: Cross-site request forgery (CSRF) in NTT EAST, Inc. Web Caster V130
Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed.
AI Analysis
Technical Summary
CVE-2025-58272 is a cross-site request forgery (CSRF) vulnerability affecting NTT EAST, Inc.'s Web Caster V130 device, specifically versions 1.08 and earlier. This vulnerability allows an attacker to trick a logged-in user into executing unwanted actions on the Web Caster device by having them visit a maliciously crafted webpage. Because the user's browser automatically attaches the existing session credentials to requests sent to the device, a form or script on the malicious page can cause the device's settings to be changed without the user's consent. The vulnerability requires the user to be logged in and to visit the attacker's page, so user interaction is necessary. The CVSS 3.0 base score is 3.7, indicating a low severity level. The attack vector is adjacent network (AV:A), meaning the attacker must be on the same or a logically adjacent network segment. The attack complexity is high (AC:H), and no privileges are required (PR:N). The vulnerability has a low impact on integrity and availability (I:L, A:L) and no impact on confidentiality (C:N). There are no known exploits in the wild, and no patches or mitigation links have been provided yet. The vulnerability is typical of CSRF issues: the management interface does not sufficiently verify where a state-changing request originated, so a request forged by another site is accepted under the context of an authenticated user session.
Potential Impact
For European organizations using the Web Caster V130 device, this vulnerability could lead to unauthorized changes in device configurations, potentially disrupting network services or weakening security postures. Although there is no confidentiality impact, the integrity and availability impacts could cause operational disruptions or misconfigurations that might be exploited further. Since the attack requires user interaction and adjacency to the network, the risk is largely confined to internal or local network environments. However, in environments where these devices are used for critical network functions or as gateways, unauthorized configuration changes could lead to service outages or create openings for further attacks. The low CVSS score reflects the limited scope and complexity of exploitation, but organizations should still consider the operational impact of any unauthorized configuration changes.
Mitigation Recommendations
European organizations should implement strict network segmentation to limit access to the Web Caster V130 devices, ensuring that only trusted users on trusted networks can reach the device management interfaces. Employing web application firewalls (WAFs) that can detect and block CSRF attack patterns may provide additional protection. Organizations should educate users about the risks of clicking on unknown or suspicious links, especially when logged into sensitive devices. Since no patches are currently available, disabling remote management or restricting management access to specific IP addresses or VPNs can reduce exposure. Monitoring device configuration changes and maintaining logs can help detect unauthorized modifications quickly. Once a patch or firmware update is released by NTT EAST, organizations should prioritize applying it promptly. Additionally, implementing multi-factor authentication (MFA) for device management interfaces, if supported, can reduce the risk of unauthorized actions.
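The technical analysis above attributes the flaw to insufficient validation of where a state-changing request comes from, and the mitigation section recommends restricting and monitoring management access. The following added example (written for this page, not Web Caster V130 firmware or any NTT EAST code) shows what that validation looks like on the server side of a device management interface: an unprotected settings handler that trusts the session alone, beside a hardened one that additionally requires a trusted Origin/Referer and a per-session synchronizer token. The handler names, request shape and the trusted origins are assumptions constructed for the example.

```python
"""Added example: origin and synchronizer-token checks for a device
management interface.  Illustrative code written for this advisory; it is
not Web Caster V130 firmware.  Handler names, the request layout and the
trusted origins below are assumptions."""
import hmac
import secrets
from urllib.parse import urlparse

# Origins from which the management UI legitimately submits forms.
# Constructed for the example; a real device would derive this from the
# address(es) its admin interface is actually served on.
TRUSTED_ORIGINS = {"http://192.168.1.1", "http://router.local"}


def issue_csrf_token(session: dict) -> str:
    """Create a per-session synchronizer token and store it in the session.

    The UI embeds this token in every settings form; a page on another site
    cannot read it, so it cannot reproduce it in a forged request."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def origin_is_trusted(headers: dict) -> bool:
    """Return True only if the request's Origin (or, failing that, Referer)
    is one of the device's own UI origins.

    Browsers add Origin, and usually Referer, to cross-site form posts, so a
    request triggered from an attacker's page carries that page's origin
    rather than the device's.  A request with neither header is treated as
    untrusted (fail closed)."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parsed = urlparse(referer)
        origin = f"{parsed.scheme}://{parsed.netloc}"
    return origin in TRUSTED_ORIGINS


def csrf_token_is_valid(session: dict, form: dict) -> bool:
    """Compare the submitted token with the session's token in constant time."""
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token")
    if not expected or not submitted:
        return False
    return hmac.compare_digest(expected, submitted)


def _write_settings(form: dict, settings: dict) -> None:
    """Apply every form field except the token to the device configuration."""
    settings.update({k: v for k, v in form.items() if k != "csrf_token"})


def apply_settings_unprotected(session: dict, headers: dict, form: dict,
                               settings: dict) -> bool:
    """'Before' handler: trusts the session cookie alone, so any page the
    logged-in administrator visits can submit this form on their behalf."""
    if not session.get("logged_in"):
        return False
    _write_settings(form, settings)
    return True


def apply_settings_protected(session: dict, headers: dict, form: dict,
                             settings: dict) -> bool:
    """'After' handler: identical, but refuses the change unless the request
    both comes from a trusted origin and carries a valid session token."""
    if not session.get("logged_in"):
        return False
    if not origin_is_trusted(headers) or not csrf_token_is_valid(session, form):
        return False
    _write_settings(form, settings)
    return True


def demo() -> tuple:
    """Run a legitimate submission and a constructed cross-site one through
    both handlers.  Returns (unprotected accepted forged request,
    protected accepted forged request, protected accepted legitimate one)."""
    session = {"logged_in": True}
    token = issue_csrf_token(session)
    # Legitimate submission from the device's own UI (constructed sample).
    legit_headers = {"Origin": "http://192.168.1.1"}
    legit_form = {"dns_server": "192.0.2.53", "csrf_token": token}
    # Constructed cross-site request: the browser still sends the session
    # cookie, but Origin is a third-party site and no token is present.
    forged_headers = {"Origin": "http://third-party.example"}
    forged_form = {"dns_server": "203.0.113.9"}

    settings_a, settings_b, settings_c = {}, {}, {}
    forged_accepted_by_old = apply_settings_unprotected(session, forged_headers, forged_form, settings_a)
    forged_accepted_by_new = apply_settings_protected(session, forged_headers, forged_form, settings_b)
    legit_accepted_by_new = apply_settings_protected(session, legit_headers, legit_form, settings_c)
    return forged_accepted_by_old, forged_accepted_by_new, legit_accepted_by_new


if __name__ == "__main__":
    print(demo())
```

The two checks are deliberately layered: the origin check alone fails open if a deployment strips Referer and the browser omits Origin, and the token alone does nothing if the token leaks into logs or is not bound to the session; requiring both, and treating a missing header as untrusted, is the conservative choice for a device whose management interface is reachable from the whole LAN, which is exactly the AV:A scenario the advisory describes.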
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: jpcert
- Date Reserved: 2025-08-27T23:47:30.395Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 68b7d300ad5a09ad00ed52c0
Added to database: 9/3/2025, 5:32:48 AM
Last enriched: 9/3/2025, 5:47:42 AM
Last updated: 9/4/2025, 10:24:37 PM
Related Threats
- CVE-2025-58362: CWE-706: Use of Incorrectly-Resolved Name or Reference in honojs hono (High)
- CVE-2025-58179: CWE-918: Server-Side Request Forgery (SSRF) in withastro astro (High)
- CVE-2025-55739: CWE-798: Use of Hard-coded Credentials in FreePBX security-reporting (Medium)
- CVE-2025-58352: CWE-613: Insufficient Session Expiration in WeblateOrg weblate (Low)
- CVE-2025-55244: CWE-284: Improper Access Control in Microsoft Azure Bot Service (Critical)