sharp corporation

Top products

The 15 most recently published vulnerabilities affecting sharp corporation.

• CVE-2026-32326SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial on...5.7Mar 25, 2026
• CVE-2024-54082home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an admi...7.2Dec 23, 2024
• CVE-2024-52321Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remot...5.9Dec 23, 2024
• CVE-2024-47864home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the p...5.3Dec 23, 2024
• CVE-2024-46873Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.9.8Dec 23, 2024
• CVE-2024-45721home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the ro...7.2Dec 23, 2024
• CVE-2024-36254Out-of-bounds read vulnerability exists in Sharp Corporation and Toshiba Tec Corporation multiple MFPs (multifunction printers), which may lead to a denial-of-service (DoS) condition.7.5Nov 26, 2024
• CVE-2024-36251The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedef_sub_sel.html is not processed ...7.5Nov 26, 2024
• CVE-2024-36249Cross-site scripting vulnerability exists in Sharp Corporation and Toshiba Tech Corporation multiple MFPs (multifunction printers). If this vulnerability is exploited, an arbitrary script may be ex...7.4Nov 26, 2024
• CVE-2024-36248API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective v...9.1Nov 26, 2024
• CVE-2024-35244There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by examining the coredump), these accounts can be used to re...9.1Nov 26, 2024
• CVE-2024-34162The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the L...5.3Nov 26, 2024
• CVE-2024-33616Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on ...5.3Nov 26, 2024
• CVE-2024-33610"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "sys_trayent...9.1Nov 26, 2024
• CVE-2024-33605Improper processing of some parameters of installed_emanual_list.html leads to a path traversal vulnerability. As for the details of affected product names, model numbers, and versions, refer to th...7.5Nov 26, 2024