CVE-2024-47044

MEDIUM

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION - Info Disclosure

Title source: llm
STIX 2.1

Description

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas.

References (7)

Scores

CVSS v3 5.3
EPSS 0.0030
EPSS Percentile 52.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-451
Status published
Products (5)
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Hikari Denwa router PR-400MI Ver.09.00.0015 and earlier
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Hikari Denwa router RT-400MI Ver.09.00.0015 and earlier
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Hikari Denwa router RV-440MI Ver.09.00.0015 and earlier
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Home GateWay/Hikari Denwa router PR-500MI/RS-500MI/RT-500MI Ver.08.00.0004 and earlier
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION/Home GateWay/Hikari Denwa router PR-600MI/RX-600MI Ver.01.00.0008 and earlier
Published Sep 26, 2024
Tracked Since Feb 18, 2026