Authentication Bypass in SHARP Routers Exposes Device Information
CVE-2026-32326

6.9MEDIUM

Key Information:

Vendor

Sharp Corporation

Status
Home 5g Hr01
Home 5g Hr02
Wi-fi Station Sh-52a
Wi-fi Station Sh-52b
Vendor
CVE Published:
25 March 2026

What is CVE-2026-32326?

Certain SHARP routers are vulnerable due to a failure to enforce authentication on some of their web APIs. This oversight allows unauthorized users to retrieve sensitive device information without proper authentication. If the default administrative password is not changed, this vulnerability opens the door for potential device takeover by malicious actors. Users are strongly encouraged to change their passwords and review security settings to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

5G Mobile Router SH-U01 S4.48.00 and earlier

home 5G HR01 38JP_0_490 and earlier

home 5G HR02 S5.A1.00 and earlier

References

https://global.sharp/corporate/info/product-security/advi...
https://jvn.jp/en/jp/JVN49524110/

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

CVSS V3.0

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.