Multiple vulnerabilities in SHARP routers for NTT DOCOMO
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2024-45721 CVE-2024-46873 CVE-2024-47864 CVE-2024-52321 CVE-2024-54082 |
| CWE-ID | CWE-78 CWE-489 CWE-119 CWE-497 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
home 5G HR02 Hardware solutions / Routers & switches, VoIP, GSM, etc Wi-Fi STATION SH-52B Hardware solutions / Routers & switches, VoIP, GSM, etc Wi-Fi STATION SH-54C Hardware solutions / Routers & switches, VoIP, GSM, etc Wi-Fi STATION SH-05L Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | NTT DOCOMO |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU101783
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45721
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the HOST name configuration screen. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionshome 5G HR02: S5.82.00
Wi-Fi STATION SH-52B: S3.87.11
Wi-Fi STATION SH-54C: S6.60.00
CPE2.3- cpe:2.3:h:ntt_docomo:home_5g_hr02:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:home_5g_hr02:S5.82.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:S3.87.11:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:S6.60.00:*:*:*:*:*:*:*
http://jvn.jp/en/jp/JVN61635834/index.html
http://k-tai.sharp.co.jp/support/info/info083.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Active Debug Code
EUVDB-ID: #VU101784
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46873
CWE-ID:
CWE-489 - Active Debug Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the hidden debug function is enabled. A remote attacker can execute arbitrary commands on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionshome 5G HR02: S5.82.00
Wi-Fi STATION SH-52B: S3.87.11
Wi-Fi STATION SH-54C: S6.60.00
Wi-Fi STATION SH-05L: 01.00.C0
CPE2.3- cpe:2.3:h:ntt_docomo:home_5g_hr02:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:home_5g_hr02:S5.82.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:S3.87.11:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:S6.60.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-05l:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-05l:01.00.C0:*:*:*:*:*:*:*
http://jvn.jp/en/jp/JVN61635834/index.html
http://k-tai.sharp.co.jp/support/info/info083.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU101785
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-47864
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the hidden debug function. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionshome 5G HR02: S5.82.00
Wi-Fi STATION SH-52B: S3.87.11
Wi-Fi STATION SH-54C: S6.60.00
CPE2.3- cpe:2.3:h:ntt_docomo:home_5g_hr02:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:home_5g_hr02:S5.82.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:S3.87.11:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:S6.60.00:*:*:*:*:*:*:*
http://jvn.jp/en/jp/JVN61635834/index.html
http://k-tai.sharp.co.jp/support/info/info083.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Exposure of Sensitive System Information to an Unauthorized Control Sphere
EUVDB-ID: #VU101786
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-52321
CWE-ID:
CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper authentication in the configuration backup function. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionshome 5G HR02: S5.82.00
Wi-Fi STATION SH-52B: S3.87.11
Wi-Fi STATION SH-54C: S6.60.00
Wi-Fi STATION SH-05L: 01.00.C0
CPE2.3- cpe:2.3:h:ntt_docomo:home_5g_hr02:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:home_5g_hr02:S5.82.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-52b:S3.87.11:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:S6.60.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-05l:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-05l:01.00.C0:*:*:*:*:*:*:*
http://jvn.jp/en/jp/JVN61635834/index.html
http://k-tai.sharp.co.jp/support/info/info083.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) OS Command Injection
EUVDB-ID: #VU101787
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-54082
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the configuration restore function. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionshome 5G HR02: S5.82.00
Wi-Fi STATION SH-54C: S6.60.00
CPE2.3- cpe:2.3:h:ntt_docomo:home_5g_hr02:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:home_5g_hr02:S5.82.00:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:*:*:*:*:*:*:*:*
- cpe:2.3:h:ntt_docomo:wi-fi_station_sh-54c:S6.60.00:*:*:*:*:*:*:*
http://jvn.jp/en/jp/JVN61635834/index.html
http://k-tai.sharp.co.jp/support/info/info083.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
