Arbitrary Command Execution Vulnerability in SHARP Routers
CVE-2024-46873

9.8CRITICAL

Key Information:

Vendor: Sharp Corporation
Status: Home 5g Hr02; Wi-fi Station Sh-52b; Wi-fi Station Sh-54c; Wi-fi Station Sh-05l
Vendor: CVE Published:; 23 December 2024

Badges

📰 News Worthy

Summary

Multiple SHARP routers have a serious vulnerability due to the presence of an enabled hidden debug function. This allows remote unauthenticated attackers to execute arbitrary operating system commands with root privileges. Such a security flaw raises significant concerns regarding the network integrity and data protection measures within affected environments. Users of these routers are advised to immediately review the security settings and apply necessary mitigations to safeguard their systems.

Affected Version(s)

home 5G HR02 S5.82.00 and earlier

PocketWifi 809SH 01.00.B9 and earlier

Speed Wi-Fi NEXT W07 02.00.48 and earlier

News Articles

Cyber Security News

CVE-2024-45721 CVE-2024-46873

Critical SHARP Routers Vulnerabilities Lets Attacker Trigger RCE to Gain Root Access

SHARP has issued an urgent security advisory regarding multiple vulnerabilities discovered in several of its router products.

thmubnail image

Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code

Multiple vulnerabilities have been identified in SHARP routers, potentially allowing attackers to execute arbitrary code with root privileges.

thmubnail image

References

https://k-tai.sharp.co.jp/support/info/info083.html

https://jvn.jp/en/jp/JVN61635834/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 23, 2024
📰
First article discovered by GBHackers News
Dec 18, 2024
Vulnerability Reserved
Dec 2, 2024

.