Multiple Vulnerabilities in SHARP Routers Demand Urgent Firmware Updates

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued a warning about multiple critical vulnerabilities affecting SHARP routers. These vulnerabilities, tracked under five separate CVEs, pose significant risks, including the potential for arbitrary OS command execution, sensitive data theft, and service disruptions.

The vulnerabilities impact various SHARP router models, including those provided by NTT DOCOMO, INC., SoftBank Corp., and KDDI CORPORATION. The flaws and their potential consequences include:

• CVE-2024-45721, CVE-2024-52321, CVE-2024-54082: OS command injection vulnerabilities that could allow attackers to execute arbitrary commands with root privileges, potentially leading to complete device takeover.
• CVE-2024-46873 (CVSS 9.8): A buffer overflow vulnerability in the hidden debug function, potentially leading to denial-of-service or arbitrary code execution.
• CVE-2024-47864: An improper authentication vulnerability in the configuration backup function, potentially allowing attackers to retrieve backup files containing sensitive information.

The vulnerabilities, particularly CVE-2024-46873 and CVE-2024-45721, are highly severe due to their potential for remote exploitation. Successful attacks could lead to:

• Arbitrary Code Execution: Exploitation of root privileges allows attackers full control of affected devices.
• Sensitive Data Leakage: Backup files containing critical configuration information could be accessed.
• Service Downtime: Exploits like the buffer overflow could render device management interfaces unusable.

SHARP has released firmware updates [1,2,3] to address these vulnerabilities. Users are strongly urged to update their routers to the latest firmware versions as soon as possible.

Related Posts:

• Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities
• Sharp Dragon APT Group Expands Cyber Espionage Operations to Africa and the Caribbean
• Sharp and Toshiba Tec MFPs Exposed: Multiple Vulnerabilities Put Businesses at Risk
• GitHub’s August Nightmare: Multiple Disruptions Lead to Global Outage