2.3.0.R4870

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

inhandnetworks

NVD

Published: 2021-10-19

Updated: 2024-11-21

Summary

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the help page. This may allow an attacker to perform a reflected cross-site scripting attack, which could allow an attacker to run code on behalf of the client browser.

Vulnerable Configurations

Part	Description	Count
OS	Inhandnetworks Inhandnetworks Ir615 Firmware 2.3.0.R4724 Inhandnetworks Ir615 Firmware 2.3.0.R4870	2
Hardware	Inhandnetworks Inhandnetworks Ir615 -	1

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05
https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05