CVE-2022-26834

Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
jpcertCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
References
https://jvn.jp/en/jp/JVN46892984/index.html
https://network.mobile.rakuten.co.jp/information/news/product/1033/
https://jvn.jp/en/jp/JVN46892984/index.html
https://network.mobile.rakuten.co.jp/information/news/product/1033/