CVE-2023-40282

Summary

Improper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's Management Screen. As a result, sensitive information may be obtained and/or the settings may be changed.

Affected Software

VendorProductVersion RangeStatus
Rakuten Mobile, Inc.Rakuten WiFi Pocketall versionsaffected

Weaknesses

  • Improper authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References