Lucene search
Japan Vulnerability NotesJVN:62737544HistoryApr 24, 2024 - 12:00 a.m.
JVN#62737544: Multiple vulnerabilities in RoamWiFi R10
2024-04-2400:00:00
Japan Vulnerability Notes
jvn.jp
8
roamwifi r10
vulnerabilities
firmware
ota
sensitive information
cve-2024-31406
cve-2024-32051
mitre
RoamWiFi R10 provided by RoamWiFi Technology Co., Ltd. contains multiple vulnerabilities listed below.
Active debug code (CWE-489) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 8.8 CVE-2024-31406Insertion of sensitive information into log file (CWE-532) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-32051
Impact
- An attacker with access to the device may perform unauthorized operations (CVE-2024-31406)
- An attacker with access to the device may obtain sensitive information (CVE-2024-32051)
Solution
Update the firmware
The update is applied automatically with Over-The-Air (OTA) function when the device is turned on. Therefore, no action is required from the user.
Products Affected
- RoamWiFi R10 versions prior to 4.8.45
Related
cvelist
cvelist
CVE-2024-31406
2024-04-24 05:45:37
CVE-2024-32051
2024-04-24 05:45:13
nvd
nvd
CVE-2024-31406
2024-04-24 06:15:13
CVE-2024-32051
2024-04-24 06:15:14
cve
cve
CVE-2024-31406
2024-04-24 06:15:13
CVE-2024-32051
2024-04-24 06:15:14
vulnrichment
vulnrichment
CVE-2024-32051
2024-04-24 05:45:13