Vulnerability Description
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN78356367/
- https://web116.jp/ced/support/news/contents/2024/20240930.html
- https://web116.jp/ced/support/version/broadband/500mi/
- https://web116.jp/ced/support/version/broadband/600mi/
- https://web116.jp/ced/support/version/broadband/pr_400mi/
- https://web116.jp/ced/support/version/broadband/rt_400mi/
- https://web116.jp/ced/support/version/broadband/rv_440mi/
FAQ
What is CVE-2024-47044?
CVE-2024-47044 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerabilit...
How severe is CVE-2024-47044?
CVE-2024-47044 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-47044?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.