CVE-2025-58272: Cross-site request forgery (CSRF) in NTT EAST, Inc. Web Caster V130
Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed.
AI Analysis
Technical Summary
CVE-2025-58272 is a Cross-Site Request Forgery (CSRF) vulnerability affecting NTT EAST, Inc.'s Web Caster V130 device, versions 1.08 and earlier. Web Caster V130 is a network device, likely a router or gateway, used to manage network settings. An attacker can craft a malicious web page that, when visited by a user who is logged in to the device, causes unintended changes to the device's configuration without the user's consent. This occurs because the device does not sufficiently verify the origin or intent of requests that modify settings, so state-changing operations can be triggered by forged requests.
The CVSS v3.0 base score is 3.7, a low severity level. The vector string (AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L) shows that the attack requires access to the same network (Adjacent), has high attack complexity, needs no privileges, and requires user interaction (the user must visit a malicious page). The impact is limited to integrity and availability, with no confidentiality loss. There are no known exploits in the wild, and no patches or mitigations are currently linked. The CVE was assigned and published by JPCERT, indicating it is recognized and tracked by Japanese security authorities.
Because the attacker needs no privileges on the device, anyone on the local network who can trick a logged-in user into visiting a malicious page could exploit this vulnerability. However, the high attack complexity and the requirement for user interaction reduce the likelihood of widespread exploitation. The vulnerability could allow attackers to alter network configurations, potentially disrupting network availability or degrading device integrity, but it does not expose sensitive data directly.
Potential Impact
For European organizations, the impact of this vulnerability depends on the deployment of NTT EAST Web Caster V130 devices within their network infrastructure. If used, the vulnerability could allow attackers on the same local network segment to manipulate device settings by tricking authorized users into visiting malicious web pages. This could lead to network disruptions, degraded device functionality, or unauthorized changes that may weaken network security posture. Although the confidentiality impact is none, integrity and availability impacts could affect business operations relying on stable network connectivity. The requirement for user interaction and local network access limits remote exploitation risks, but insider threats or compromised internal systems could leverage this vulnerability. Organizations with remote or hybrid workforces using such devices in home or branch office environments may face increased risk due to less controlled network environments. Overall, the threat is moderate for European organizations but should not be ignored, especially in sectors where network reliability and device integrity are critical, such as telecommunications, finance, and critical infrastructure.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should first identify any deployments of NTT EAST Web Caster V130 devices running version 1.08 or earlier. Since no patch links are currently provided, organizations should contact NTT EAST for firmware updates or security advisories. In the interim, network segmentation should be enforced to isolate management interfaces from untrusted networks and restrict access to authorized personnel only. Implementing web filtering to block access to known malicious sites can reduce the risk of users visiting attacker-controlled pages. Educating users about the risks of clicking unknown links or visiting suspicious websites is critical. Additionally, enabling multi-factor authentication (if supported) and monitoring device logs for unauthorized configuration changes can help detect exploitation attempts. Network administrators should consider disabling remote management interfaces or restricting them to trusted IP addresses. Regularly auditing device configurations and maintaining an inventory of network devices will improve response readiness. Finally, deploying web application firewalls or intrusion detection systems that can detect CSRF attack patterns may provide additional protection.
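One way to approach the monitoring and CSRF-pattern detection mentioned above, as an added example that is not from the advisory or the vendor: compare the Origin (or Referer) header of each state-changing request against the management interface's own origin, using records from a proxy or IDS that logs those headers. The device address, paths and record layout are constructed assumptions, as is the premise that settings change only through these HTTP methods.

```python
from urllib.parse import urlsplit

STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
DEFAULT_PORTS = {"http": 80, "https": 443}

def origin_of(url):
    """Return (scheme, host, port) for an http(s) URL, else None."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:              # malformed host or port
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    return parts.scheme, parts.hostname, port or DEFAULT_PORTS[parts.scheme]

def classify(request, device_origin):
    """Return 'ok', 'cross-site' or 'unverifiable' for one logged request."""
    if request["method"].upper() not in STATE_CHANGING:
        return "ok"
    # Browsers attach Origin to cross-site POSTs; Referer is the fallback.
    source = request.get("origin") or request.get("referer")
    if not source or source == "null":
        return "unverifiable"       # nothing to compare: review or reject
    src = origin_of(source)
    same = src is not None and src == origin_of(device_origin)
    return "ok" if same else "cross-site"

def flag_requests(requests, device_origin):
    """List (path, verdict) for every request that is not 'ok'."""
    verdicts = ((r["path"], classify(r, device_origin)) for r in requests)
    return [(p, v) for p, v in verdicts if v != "ok"]

# Constructed sample records; the address and paths are hypothetical.
DEVICE = "http://192.168.1.1"
SAMPLE = [
    {"method": "GET", "path": "/status.html"},
    {"method": "POST", "path": "/apply.cgi", "origin": "http://192.168.1.1"},
    {"method": "POST", "path": "/apply.cgi", "referer": "http://192.168.1.1/lan.html"},
    {"method": "POST", "path": "/apply.cgi", "origin": "http://news.example"},
    {"method": "POST", "path": "/reboot.cgi"},
    {"method": "POST", "path": "/apply.cgi", "origin": "http://192.168.1.1:8080"},
]

if __name__ == "__main__":
    for path, verdict in flag_requests(SAMPLE, DEVICE):
        print(path, verdict)
```

Requests flagged "unverifiable" carry neither header, so they cannot be cleared by this check and are worth correlating with the device's configuration-change log.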
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: jpcert
- Date Reserved: 2025-08-27T23:47:30.395Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 68b7d300ad5a09ad00ed52c0
Added to database: 9/3/2025, 5:32:48 AM
Last enriched: 9/10/2025, 8:35:17 PM
Last updated: 10/16/2025, 6:44:55 AM