Inrouter302 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-12	CVE-2023-22597	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. network high complexity inhandnetworks	5.9
2023-01-12	CVE-2023-22598	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). network low complexity inhandnetworks	7.2
2023-01-12	CVE-2023-22599	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. network low complexity inhandnetworks critical	9.1
2023-01-12	CVE-2023-22600	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. network high complexity inhandnetworks	8.1
2023-01-12	CVE-2023-22601	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. network low complexity inhandnetworks	8.6
2022-11-09	CVE-2022-25932	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4/3.5.45 The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. network low complexity inhandnetworks critical	9.8
2022-05-12	CVE-2022-21182	Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.4 A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. network low complexity inhandnetworks	8.8
2022-05-12	CVE-2022-21238	Cross-site Scripting vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. network low complexity inhandnetworks CWE-79	6.1
2022-05-12	CVE-2022-21809	Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. network low complexity inhandnetworks CWE-434	8.1