CVE-2026-32326: Missing authentication for critical function in Sharp Corporation home 5G HR01
SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over.
AI Analysis
Technical Summary
CVE-2026-32326 affects Sharp Corporation's home 5G HR01 router series, specifically firmware versions 38JP_0_490 and earlier. The core issue is the absence of authentication enforcement on certain web APIs, which allows unauthenticated users on the local network to retrieve sensitive device information. An attacker can therefore learn the device's configuration and status without credentials. More critically, if the router's administrative password remains at the factory default, an attacker can exploit this vulnerability to take over the device, potentially gaining administrative control.
The vulnerability has a CVSS 3.0 base score of 5.7, reflecting medium severity, with an attack vector requiring local network access (AV:A), low attack complexity (AC:L), low privileges required (PR:L), and no user interaction (UI:N). The scope is unchanged (S:U), with high confidentiality impact (C:H) but no impact on integrity or availability (I:N/A:N). No public exploits have been reported to date, and no patches have been linked yet. This vulnerability highlights the risk of insufficient authentication controls on embedded device management interfaces and the dangers of unchanged default credentials. It underscores the importance of secure device configuration and firmware updates in consumer networking equipment.
Potential Impact
The vulnerability allows unauthorized local network attackers to access sensitive device information without authentication, potentially exposing configuration details that could facilitate further attacks. If the administrative password is not changed from its default, attackers can fully compromise the router, gaining administrative control. This can lead to unauthorized changes in network configuration, interception or redirection of network traffic, and the creation of persistent backdoors. The impact is primarily on confidentiality and device control, with no direct impact on data integrity or availability reported. Organizations relying on these routers for home or small office connectivity may face increased risk of network compromise, especially if default credentials are used. The lack of authentication on critical APIs also increases the attack surface and could be leveraged in multi-stage attacks. While exploitation requires local network access, compromised devices could be used as pivot points for lateral movement within organizational networks.
Mitigation Recommendations
1. Immediately change the default administrative password on all affected Sharp home 5G HR01 routers to a strong, unique password to prevent takeover.
2. Restrict local network access to the router’s management interface by implementing network segmentation and firewall rules that limit access to trusted devices only.
3. Monitor network traffic for unusual activity or unauthorized access attempts to the router’s web APIs.
4. Regularly check for and apply firmware updates from Sharp Corporation once patches addressing this vulnerability are released.
5. Disable remote management features if not required to reduce exposure.
6. Educate users on the risks of default credentials and the importance of secure configuration of network devices.
7. Consider deploying network intrusion detection systems capable of identifying anomalous router management traffic.
8. For organizations, implement network access control (NAC) to ensure only authorized devices can connect to sensitive network segments.
Affected Countries
Japan, United States, Germany, United Kingdom, France, Australia, Canada, South Korea, Taiwan
Technical Details
- Data Version: 5.2
- Assigner Short Name: jpcert
- Date Reserved: 2026-03-12T06:43:35.484Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 69c39653f4197a8e3b2f5482
Added to database: 3/25/2026, 8:01:23 AM
Last enriched: 3/25/2026, 8:15:55 AM
Last updated: 5/8/2026, 11:45:08 AM