Published:2019/06/27  Last Updated:2019/07/05

JVN#43172719
Multiple vulnerabilities in Hikari Denwa router/Home GateWay

Overview

Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains multiple vulnerabilities.

Products Affected

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

  • PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier
  • PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier
  • PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier
  • PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier
  • PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier
  • PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier
  • PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier
  • RS-500KI firmware version Ver.01.00.0070 and earlier
  • PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier
  • RS-500MI firmware version Ver.03.01.0019 and earlier
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION
  • PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier
  • PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier
  • PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier
  • PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier
  • PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier
  • PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier
  • PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier
  • PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier

Description

Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains multiple vulnerabilities listed below.

  • Cross-site Scripting (CWE-79) - CVE-2019-5985
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3
  • Cross-site Request Forgery (CWE-352) - CVE-2019-5986
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Base Score: 6.5
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6

Impact

  • An arbitrary script may be executed on the user's web browser - CVE-2019-5985
  • If a user who is logging into the device accesses a specially crafted web page, unintended operations may be conducted - CVE-2019-5986

Solution

Update the firmware
Apply the appropriate firmware update according to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION Vulnerable 2019/06/27 NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION website
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION Vulnerable 2019/06/27 NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2019-5985
CVE-2019-5986
JVN iPedia JVNDB-2019-000043

Update History

2019/07/05
Modified the information under [Products Affected] section.