Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B

Overview Mesh Wi-Fi router RP562B provided by SoftBank Corp. contains multiple vulnerabilities listed below. Active debug code CWE-489 - CVE-2024-29075 OS command injection CWE-78 - CVE-2024-45827 Exposure of sensitive system information to an unauthorized control sphere CWE-497 - CVE-2024-47799...

CVE-2024-47799

Exposure of sensitive system information to an unauthorized control sphere issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain information of the other devices connected through the...

CVE-2024-45827

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may execute an arbitrary OS command...

CVE-2024-29075

Active debug code vulnerability exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain or alter the settings of the device...

CVE-2024-47799

Exposure of sensitive system information to an unauthorized control sphere issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain information of the other devices connected through the...

CVE-2024-45827

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may execute an arbitrary OS command...

CVE-2024-45827

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may execute an arbitrary OS command...

CVE-2024-45827

SoftBank Mesh Wi‑Fi router RP562B is affected by CVE-2024-45827: OS command injection due to improper neutralization of special elements in commands. A network‑adjacent authenticated attacker could execute arbitrary OS commands on firmware versions v1.0.2 and earlier. The vulnerability affects th...

CVE-2024-29075

Active debug code vulnerability exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain or alter the settings of the device...

SoftBank Mesh Wi-Fi router RP562B 安全漏洞

SoftBank Mesh Wi-Fi router RP562B is a router from SoftBank Japan. A security vulnerability exists in SoftBank Mesh Wi-Fi router RP562B version 1.0.2 and earlier, which stems from an active debugging code vulnerability that could allow an attacker to obtain or change the settings of the device...

SoftBank Mesh Wi-Fi router RP562B 操作系统命令注入漏洞

The SoftBank Mesh Wi-Fi router RP562B is a router from SoftBank Japan. An operating system command injection vulnerability exists in SoftBank Mesh Wi-Fi router RP562B version 1.0.2 and prior versions, which stems from an issue with an improper neutralization of special elements used in operating...

SoftBank Mesh Wi-Fi router RP562B 安全漏洞

SoftBank Mesh Wi-Fi router RP562B is a router from SoftBank Japan. A security vulnerability exists in SoftBank Mesh Wi-Fi router RP562B v1.0.2 and earlier versions, which stems from the presence of an issue where sensitive system information is exposed to unauthorized sphere of control, and an...

PT-2024-22701 · Unknown · Mesh Wi-Fi Router Rp562B

Name of the Vulnerable Software and Affected Versions: Mesh Wi-Fi router RP562B versions v1.0.2 and earlier Description: The issue is related to an active debug code vulnerability. If exploited, it allows a network-adjacent authenticated attacker to obtain or alter the device's settings...