Product Security Advisory

Publication Date: March 25, 2026

Security Vulnerability in Our Router Products

Thank you for using our products. It has been discovered that certain our router contains a security vulnerability and please update them. Please refer to the table below for an overview of the vulnerability and the affected products. We apologize for any inconvenience this issue may cause to our customers.

Affected models and firmware version	For NTT DOCOMO, INC. home 5G HR01 (versions 38JP_0_490 and earlier) home 5G HR02 (versions S5.A1.00 and earlier) Wi-Fi STATION SH-52A (versions 38JP_2_03J and earlier) Wi-Fi STATION SH-52B (versions S3.87.15 and earlier) Wi-Fi STATION SH-54C (versions S6.64.00 and earlier) For SoftBank Corp. 5G Mobile Router SH-U01 (versions S4.48.00 and earlier) Pocket WiFi 5G A503SH (versions S7.41.00 and earlier) For KDDI CORPORATION Speed Wi-Fi 5G X01 (versions 3RJP_2_03I and earlier)
Vulnerability Description	Our routers do not perform authentication for some web APIs.Those web APIs provide device information, and the initial administrative password is based on a part of the device information. CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score 5.7 CVE: CVE-2026-32326 CWE: Missing Authentication for Critical Function (CWE-306)
Possible impacts	The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be vulnerable to unauthorized access.
Countermeasure	We have released updated software that addresses this vulnerability. Please refer to the website for each product and perform a software update. For routers with automatic software update enabled, the update may have already been applied. Please note that support for the following products has already ended. For these products, please apply the mitigation measures described below. End-of-Service Products Wi-Fi STATION SH-52A Speed Wi-Fi 5G X01
Mitigation measures	Please use a PC, smartphone, or other mobile device, access the router’s Settings Tool via a web browser and change the default password. Please refer to the user manual for details on how to connect to the router.
References	As detailed information, please refer to the relevant product support pages. Please note that pages may be written in Japanese. For NTT DOCOMO, INC. home 5G HR01: https://www.docomo.ne.jp/support/product_update/hr01/ home 5G HR02: https://www.docomo.ne.jp/support/product_update/hr02/ Wi-Fi STATION SH-52B: https://www.docomo.ne.jp/support/product_update/sh52b/ Wi-Fi STATION SH-54C: https://www.docomo.ne.jp/support/product_update/sh54c/ For SoftBank Corp. Pocket WiFi 5G A503SH: https://www.softbank.jp/mobile/info/personal/software/20260311-02/ The CVE ID is provided in the "Vulnerability Description" section above. JVN#49524110: SHARP routers missing authentication for some web APIs https://jvn.jp/en/jp/JVN49524110/
Acknowledgment	This vulnerability was discovered through a report from Shota Zaizen, coordinated via JPCERT/CC. We would like to express our sincere appreciation for the responsible disclosure.
Revision History	March 25, 2026: Initial release of this vulnerability information.