Plataforma
other
Componente
sharp-home-5g-hr01-router
Corrigido em
38.0.1
5.0.1
38.0.1
3.87.16
3.0.1
CVE-2026-32326 describes an authentication bypass vulnerability affecting SHARP home 5G HR01 routers running versions up to and including S7.41.00. This flaw allows attackers to retrieve device information without authentication, potentially leading to complete device takeover if the administrator has not changed the default password. A firmware update is required to address this security concern.
The primary impact of CVE-2026-32326 is the potential for unauthorized access to sensitive device information. An attacker exploiting this vulnerability can retrieve configuration details, network settings, and potentially user data stored on the router. Critically, if the administrator has left the default password unchanged, the attacker can gain full administrative control over the router, enabling them to modify settings, intercept network traffic, and launch further attacks against devices on the network. This represents a significant security risk, particularly for home networks and small businesses relying on the router for internet connectivity and security.
This vulnerability was publicly disclosed on March 25, 2026. Currently, there are no publicly available proof-of-concept exploits. The vulnerability's severity is assessed as medium, indicating a moderate probability of exploitation. It is not currently listed on the CISA KEV catalog.
Home users and small businesses utilizing SHARP home 5G HR01 routers, particularly those who have not changed the default administrator password, are at significant risk. Shared hosting environments utilizing these routers for customer internet access are also vulnerable.
disclosure
Status do Exploit
EPSS
0.05% (percentil 14%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2026-32326 is to upgrade the SHARP HR01 router to a firmware version that addresses the authentication bypass. SHARP has not yet released a fixed firmware version, so users should monitor the SHARP support website for updates. As a temporary workaround, changing the default administrator password is crucial to prevent unauthorized access. Consider implementing network segmentation to limit the impact of a potential compromise. Regularly review router logs for suspicious activity.
Atualize o firmware do roteador SHARP home 5G HR01 para a última versão disponível fornecida pelo fabricante. Certifique-se de alterar a senha administrativa padrão por uma senha segura e única.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2026-32326 is a medium severity vulnerability in the SHARP HR01 router allowing unauthenticated access to device information, potentially leading to takeover if default credentials are used.
You are affected if you use a SHARP HR01 router running version S7.41.00 or earlier and have not changed the default administrator password.
Upgrade to a patched firmware version from SHARP. Monitor the SHARP support website for updates. Until then, change the default administrator password.
There are currently no reports of active exploitation, but the vulnerability is publicly known.
Please refer to the SHARP support website for the latest advisory and firmware updates regarding CVE-2026-32326.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.