CVE-2024-47865

medium

Description

Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware version V1.3.18 and earlier. If this vulnerability is exploited, a remote unauthenticated attacker may update or downgrade the firmware on the device.

References

https://network.mobile.rakuten.co.jp/internet/turbo/information/news/3184/

https://jvn.jp/en/vu/JVNVU90667116/

Details

Source: Mitre, NVD

Published: 2024-11-20

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N