CVE-2024-52321

Summary

Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker.

Affected Software

VendorProductVersion RangeStatus
Sharp Corporationhome 5G HR02S5.82.00 and earlieraffected
Sharp CorporationWi-Fi STATION SH-52BS3.87.11 and earlieraffected
Sharp CorporationWi-Fi STATION SH-54CS6.60.00 and earlieraffected
Sharp CorporationWi-Fi STATION SH-05L01.00.C0 and earlieraffected
Sharp CorporationPocketWifi 809SH01.00.B9 and earlieraffected
Sharp CorporationSpeed Wi-Fi NEXT W0702.00.48 and earlieraffected

Weaknesses

  • CWE-497: Exposure of sensitive system information to an unauthorized control sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References