CVE-2024-47044 Vulnerability Details

  /     /     /  

CVE-2024-47044 Metadata Quick Info

CVE Published: 26/09/2024 | CVE Updated: 17/10/2024 | CVE Year: 2024
Source: jpcert | Vendor: NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION | Product: Hikari Denwa router RT-400MI
Status : PUBLISHED

---

CVE-2024-47044 Description

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product\'s Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-451
CWE Name: User interface (UI) misrepresentation of critical information
Source: NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).