{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45721", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2024-12-02T06:03:33.501Z", "datePublished": "2024-12-23T00:17:55.581Z", "dateUpdated": "2024-12-24T00:39:52.364Z"}, "containers": {"cna": {"affected": [{"vendor": "Sharp Corporation", "product": "home 5G HR02", "versions": [{"version": "S5.82.00 and earlier", "status": "affected"}]}, {"vendor": "Sharp Corporation", "product": "Wi-Fi STATION SH-52B", "versions": [{"version": "S3.87.11 and earlier", "status": "affected"}]}, {"vendor": "Sharp Corporation", "product": "Wi-Fi STATION SH-54C", "versions": [{"version": "S6.60.00 and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root privilege by an administrative user."}], "problemTypes": [{"descriptions": [{"description": "Improper neutralization of special elements used in an OS command ('OS Command Injection')", "lang": "en-US", "cweId": "CWE-78", "type": "CWE"}]}], "references": [{"url": "https://k-tai.sharp.co.jp/support/info/info083.html"}, {"url": "https://jvn.jp/en/jp/JVN61635834/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-12-23T00:17:55.581Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-24T00:32:46.849402Z", "id": "CVE-2024-45721", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-24T00:39:52.364Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45721", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-24T00:32:46.849402Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-24T00:32:48.285Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Sharp Corporation", "product": "home 5G HR02", "versions": [{"status": "affected", "version": "S5.82.00 and earlier"}]}, {"vendor": "Sharp Corporation", "product": "Wi-Fi STATION SH-52B", "versions": [{"status": "affected", "version": "S3.87.11 and earlier"}]}, {"vendor": "Sharp Corporation", "product": "Wi-Fi STATION SH-54C", "versions": [{"status": "affected", "version": "S6.60.00 and earlier"}]}], "references": [{"url": "https://k-tai.sharp.co.jp/support/info/info083.html"}, {"url": "https://jvn.jp/en/jp/JVN61635834/"}], "descriptions": [{"lang": "en", "value": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root privilege by an administrative user."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-78", "description": "Improper neutralization of special elements used in an OS command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-12-23T00:17:55.581Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45721", "state": "PUBLISHED", "dateUpdated": "2024-12-24T00:39:52.364Z", "dateReserved": "2024-12-02T06:03:33.501Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2024-12-23T00:17:55.581Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root privilege by an administrative user."}, {"lang": "es", "value": "home 5G HR02, Wi-Fi STATION SH-52B y Wi-Fi STATION SH-54C contienen una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la pantalla de configuraci\u00f3n del nombre del HOST. Un usuario administrativo puede ejecutar un comando arbitrario del sistema operativo con privilegios de superusuario."}], "id": "CVE-2024-45721", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2024-12-23T01:15:07.200", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN61635834/"}, {"source": "vultures@jpcert.or.jp", "url": "https://k-tai.sharp.co.jp/support/info/info083.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}

{}

{}