CVE-2024-46873

9.8

Critical

Published:23 Dec 2024

Last updated:17 Jun 2026

Source:vultures@jpcert.or.jp

Deferred

Weakness (CWE)

CWE-489CWE-489

CVSS Vector

v3.0

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.

References

vultures@jpcert.or.jp

https://jvn.jp/en/jp/JVN61635834/

vultures@jpcert.or.jp

https://k-tai.sharp.co.jp/support/info/info083.html