5.3
CVE-2024-47044
- EPSS 0.24%
- Published 26.09.2024 09:15:02
- Last modified 17.10.2024 02:15:02
- Source vultures@jpcert.or.jp
- Teams watchlist Login
- Open Login
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorntt-east
≫
Product
rv-440mi_firmware
Default Statusunknown
Version <=
09.00.0015
Version
0
Status
affected
Vendorntt-east
≫
Product
rt-500mi_firmware
Default Statusunknown
Version <=
08.00.0004
Version
0
Status
affected
Vendorntt-east
≫
Product
rx-600mi_firmware
Default Statusunknown
Version <=
01.00.0008
Version
0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.468 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-451 User Interface (UI) Misrepresentation of Critical Information
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.