Rakuten · Rakuten Casa · CVE-2022-26834
**Name of the Vulnerable Software and Affected Versions**
Rakuten Casa version AP F V1 4 1
Rakuten Casa version AP F V2 0 0
**Description**
The issue is related to improper access control, allowing a remote attacker to obtain stored information because the product accepts HTTP connections from the WAN side by default.
**Recommendations**
For Rakuten Casa version AP F V1 4 1, restrict access to HTTP connections from the WAN side to minimize the risk of exploitation.
For Rakuten Casa version AP F V2 0 0, restrict access to HTTP connections from the WAN side to minimize the risk of exploitation.