Focus Mode
Cyber Attack

Multiple Vulnerabilities in SHARP Routers Demand Urgent Firmware Updates

Cyware

### #RouterSecurity #FirmwareFlaws #JPCERTAlert

Summary: JPCERT/CC has alerted users about critical vulnerabilities in SHARP routers that could lead to severe security breaches, including arbitrary command execution and sensitive data theft. Affected models include those from major telecom providers in Japan, emphasizing the urgency for firmware updates.

Threat Actor: Unknown | Unknown
Victim: SHARP router users | SHARP router users

Key Point :

  • Multiple critical vulnerabilities tracked under five CVEs, including CVE-2024-45721 and CVE-2024-46873.
  • Potential for arbitrary OS command execution and sensitive data leakage due to improper authentication and buffer overflow issues.
  • Firmware updates are available, and users are strongly advised to implement them immediately to mitigate risks.

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued a warning about multiple critical vulnerabilities affecting SHARP routers. These vulnerabilities, tracked under five separate CVEs, pose significant risks, including the potential for arbitrary OS command execution, sensitive data theft, and service disruptions.

The vulnerabilities impact various SHARP router models, including those provided by NTT DOCOMO, INC., SoftBank Corp., and KDDI CORPORATION. The flaws and their potential consequences include:

  • CVE-2024-45721, CVE-2024-52321, CVE-2024-54082: OS command injection vulnerabilities that could allow attackers to execute arbitrary commands with root privileges, potentially leading to complete device takeover.
  • CVE-2024-46873 (CVSS 9.8): A buffer overflow vulnerability in the hidden debug function, potentially leading to denial-of-service or arbitrary code execution.
  • CVE-2024-47864: An improper authentication vulnerability in the configuration backup function, potentially allowing attackers to retrieve backup files containing sensitive information.

The vulnerabilities, particularly CVE-2024-46873 and CVE-2024-45721, are highly severe due to their potential for remote exploitation. Successful attacks could lead to:

  • Arbitrary Code Execution: Exploitation of root privileges allows attackers full control of affected devices.
  • Sensitive Data Leakage: Backup files containing critical configuration information could be accessed.
  • Service Downtime: Exploits like the buffer overflow could render device management interfaces unusable.

SHARP has released firmware updates [1,2,3] to address these vulnerabilities. Users are strongly urged to update their routers to the latest firmware versions as soon as possible.

Related Posts:

Buy Me A Coffee

Source: https://securityonline.info/multiple-vulnerabilities-in-sharp-routers-demand-urgent-firmware-updates

Tags: BACKUP, CVE, VULNERABILITY, IMPACT