Improper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's Management Screen. As a result, sensitive information may be obtained and/or the settings may be changed.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN55217369/ | Third Party Advisory |
https://network.mobile.rakuten.co.jp/product/internet/rakuten-wifi-pocket/support/ | Vendor Advisory |
https://jvn.jp/en/jp/JVN55217369/ | Third Party Advisory |
https://network.mobile.rakuten.co.jp/product/internet/rakuten-wifi-pocket/support/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 08:19
Type | Values Removed | Values Added |
---|---|---|
References | () https://jvn.jp/en/jp/JVN55217369/ - Third Party Advisory | |
References | () https://network.mobile.rakuten.co.jp/product/internet/rakuten-wifi-pocket/support/ - Vendor Advisory |
21 Mar 2024, 02:48
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-23 04:15
Updated : 2024-11-21 08:19
NVD link : CVE-2023-40282
Mitre link : CVE-2023-40282
CVE.ORG link : CVE-2023-40282
JSON object : View
Products Affected
rakuten
- wifi_pocket_firmware
- wifi_pocket
CWE
CWE-287
Improper Authentication