OS Command Injection Vulnerability in Sharp's 5G HR02 and Wi-Fi Stations
CVE-2024-45721

7.2HIGH

Key Information:

Vendor
Sharp Corporation
Status
Home 5g Hr02
Wi-fi Station Sh-52b
Wi-fi Station Sh-54c
Vendor
CVE Published:
23 December 2024

Badges

📰 News Worthy

Summary

An OS command injection vulnerability has been identified in Sharp's 5G HR02 and Wi-Fi STATION devices (SH-52B and SH-54C). This issue arises specifically within the HOST name configuration interface, where an administrative user can inadvertently trigger the execution of arbitrary operating system commands with root privileges. If exploited, this vulnerability could potentially allow unauthorized access to system functionalities, impacting the integrity and security of the network.

Affected Version(s)

home 5G HR02 S5.82.00 and earlier

Wi-Fi STATION SH-52B S3.87.11 and earlier

Wi-Fi STATION SH-54C S6.60.00 and earlier

News Articles

favicon imageCyber Security News

Critical SHARP Routers Vulnerabilities Lets Attacker Trigger RCE to Gain Root Access

SHARP has issued an urgent security advisory regarding multiple vulnerabilities discovered in several of its router products.

References

https://k-tai.sharp.co.jp/support/info/info083.html
https://jvn.jp/en/jp/JVN61635834/

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by Cyber Security News

  • Vulnerability published

  • Vulnerability Reserved

.