Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 25, 2026

CVE-2026-32326

Description

SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over.

Affected products

Sharp Corporation/5G Mobile Router SH-U01v5
Range: S4.48.00 and earlier
Sharp Corporation/home 5G HR01v5
Range: 38JP_0_490 and earlier
Sharp Corporation/home 5G HR02v5
Range: S5.A1.00 and earlier
Sharp Corporation/Pocket WiFi 5G A503SHv5
Range: S7.41.00 and earlier
Sharp Corporation/Speed Wi-Fi 5G X01v5
Range: 3RJP_2_03I and earlier
Sharp Corporation/Wi-Fi STATION SH-52Av5
Range: 38JP_2_03J and earlier
Sharp Corporation/Wi-Fi STATION SH-52Bv5
Range: S3.87.15 and earlierr
Sharp Corporation/Wi-Fi STATION SH-54Cv5
Range: S6.64.00 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000