CVE-2024-46873

Summary

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.

Affected Software

VendorProductVersion RangeStatus
Sharp Corporationhome 5G HR02S5.82.00 and earlieraffected
Sharp CorporationWi-Fi STATION SH-52BS3.87.11 and earlieraffected
Sharp CorporationWi-Fi STATION SH-54CS6.60.00 and earlieraffected
Sharp CorporationWi-Fi STATION SH-05L01.00.C0 and earlieraffected
Sharp CorporationPocketWifi 809SH01.00.B9 and earlieraffected
Sharp CorporationSpeed Wi-Fi NEXT W0702.00.48 and earlieraffected

Weaknesses

  • CWE-489: Active debug code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References