プラットフォーム
other
コンポーネント
sharp-home-5g-hr01-router
修正版
38.0.1
5.0.1
38.0.1
3.87.16
3.0.1
CVE-2026-32326 describes an authentication bypass vulnerability affecting SHARP home 5G HR01 routers running versions up to and including S7.41.00. This flaw allows attackers to retrieve device information without authentication, potentially leading to complete device takeover if the administrator has not changed the default password. A firmware update is required to address this security concern.
The primary impact of CVE-2026-32326 is the potential for unauthorized access to sensitive device information. An attacker exploiting this vulnerability can retrieve configuration details, network settings, and potentially user data stored on the router. Critically, if the administrator has left the default password unchanged, the attacker can gain full administrative control over the router, enabling them to modify settings, intercept network traffic, and launch further attacks against devices on the network. This represents a significant security risk, particularly for home networks and small businesses relying on the router for internet connectivity and security.
This vulnerability was publicly disclosed on March 25, 2026. Currently, there are no publicly available proof-of-concept exploits. The vulnerability's severity is assessed as medium, indicating a moderate probability of exploitation. It is not currently listed on the CISA KEV catalog.
Home users and small businesses utilizing SHARP home 5G HR01 routers, particularly those who have not changed the default administrator password, are at significant risk. Shared hosting environments utilizing these routers for customer internet access are also vulnerable.
disclosure
エクスプロイト状況
EPSS
0.05% (14% パーセンタイル)
CISA SSVC
CVSS ベクトル
The primary mitigation for CVE-2026-32326 is to upgrade the SHARP HR01 router to a firmware version that addresses the authentication bypass. SHARP has not yet released a fixed firmware version, so users should monitor the SHARP support website for updates. As a temporary workaround, changing the default administrator password is crucial to prevent unauthorized access. Consider implementing network segmentation to limit the impact of a potential compromise. Regularly review router logs for suspicious activity.
SHARP home 5G HR01ルーターのファームウェアを、メーカーが提供する最新バージョンにアップデートしてください。管理者パスワードをデフォルトのまま使用せず、安全でユニークなパスワードに変更するようにしてください。
脆弱性分析と重要アラートをメールでお届けします。
CVE-2026-32326 is a medium severity vulnerability in the SHARP HR01 router allowing unauthenticated access to device information, potentially leading to takeover if default credentials are used.
You are affected if you use a SHARP HR01 router running version S7.41.00 or earlier and have not changed the default administrator password.
Upgrade to a patched firmware version from SHARP. Monitor the SHARP support website for updates. Until then, change the default administrator password.
There are currently no reports of active exploitation, but the vulnerability is publicly known.
Please refer to the SHARP support website for the latest advisory and firmware updates regarding CVE-2026-32326.
依存関係ファイルをアップロードすれば、このCVEや他のCVEがあなたに影響するか即座にわかります。