CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

CVE-2024-47864

home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down...

CVE-2024-47864

The CVE-2024-47864 issue affects Sharp home 5G HR02, Wi‑Fi STATION SH‑52B, and SH‑54C. It is a buffer overflow in the hidden debug function that can cause the product’s web console to go down. Evidence across multiple sources confirms the affected models and the vulnerability class, but explicit ...

CVE-2024-47864

home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down...

CVE-2024-46873

CVE-2024-46873 concerns SHARP routers (SH-05L, SH-52B, SH-54C, HR02). The root cause is a hidden debug function that, when enabled, allows a remote unauthenticated attacker to execute arbitrary OS commands with root privileges. Public docs confirm this vulnerability alongside other SHARP router C...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

PT-2024-32856 · Unknown · Home 5G Hr02 +2

Name of the Vulnerable Software and Affected Versions: home 5G HR02 affected versions not specified Wi-Fi STATION SH-52B affected versions not specified Wi-Fi STATION SH-54C affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the hidden debug...

Multiple vulnerabilities in SHARP routers

Overview SHARP routers contain multiple vulnerabilities listed below. OS command injection vulnerability in the HOST name configuration screen CWE-78 - CVE-2024-45721 The hidden debug function is enabled CWE-489 - CVE-2024-46873 Buffer overflow vulnerability in the hidden debug function CWE-120 -...

CVE-2022-20648

A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of confidential information that should be restricted. This vulnerability exists because of a debug service that...

Dahua Security Cameras Incorrect Default Permissions (CVE-2019-9679)

Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC- HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build ti...

Dahua Security Cameras Improper Authentication (CVE-2017-9316)

Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device...

CVE-2024-36475

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...

CVE-2024-36475

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...

PT-2024-27018 · Futurenet · Futurenet Nxr Series

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series affected versions not specified Description: The issue concerns an active debug code vulnerability. If a user with knowledge of the debug function logs in, they may utilize the debug function to...

CVE-2024-40915

A flaw was found in the kernelmappages function in RISC-V in the Linux Kernel, which is incorrectly designed to sleep in atomic contexts. This function cleared the valid bit in page table entries for deallocated pages to detect illegal memory accesses, but it utilized setmemory, which acquires a...

CVE-2024-40915

In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...

UBUNTU-CVE-2024-40915

In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...

CVE-2024-40915

The CVE-2024-40915 issue affects the Linux kernel on riscv, where __kernel_map_pages() (a debugging page-table helper) used __set_memory() to flip the valid bit of page-table entries. __set_memory() takes init_mm’s semaphore and can sleep, but __kernel_map_pages() may be called in atomic context,...

CVE-2024-40915 riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context

In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...