CVE-2024-46873
9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Sharp Corporation | home 5G HR02 | S5.82.00 and earlier | affected |
| Sharp Corporation | Wi-Fi STATION SH-52B | S3.87.11 and earlier | affected |
| Sharp Corporation | Wi-Fi STATION SH-54C | S6.60.00 and earlier | affected |
| Sharp Corporation | Wi-Fi STATION SH-05L | 01.00.C0 and earlier | affected |
| Sharp Corporation | PocketWifi 809SH | 01.00.B9 and earlier | affected |
| Sharp Corporation | Speed Wi-Fi NEXT W07 | 02.00.48 and earlier | affected |
Weaknesses
- CWE-489: Active debug code
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.