Vulnerabilities > Inhandnetworks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2023-22597 | Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. | 5.9 |
| 2023-01-12 | CVE-2023-22598 | OS Command Injection vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). | 7.2 |
| 2023-01-12 | CVE-2023-22599 | Use of a One-Way Hash with a Predictable Salt vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. | 9.1 |
| 2023-01-12 | CVE-2023-22600 | Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. | 8.1 |
| 2023-01-12 | CVE-2023-22601 | Use of Insufficiently Random Values vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. | 8.6 |
| 2022-11-09 | CVE-2022-25932 | Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4/3.5.45 The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. | 9.8 |
| 2022-11-09 | CVE-2022-26023 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-11-09 | CVE-2022-28689 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. | 8.8 |
| 2022-11-09 | CVE-2022-29481 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-11-09 | CVE-2022-29888 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. | 8.1 |