CVE-2024-47044
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/09/2024
Last modified:
17/10/2024
Description
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://jvn.jp/en/jp/JVN78356367/
- https://web116.jp/ced/support/news/contents/2024/20240930.html
- https://web116.jp/ced/support/version/broadband/500mi/
- https://web116.jp/ced/support/version/broadband/600mi/
- https://web116.jp/ced/support/version/broadband/pr_400mi/
- https://web116.jp/ced/support/version/broadband/rt_400mi/
- https://web116.jp/ced/support/version/broadband/rv_440mi/