Vulnerabilities > Inhandnetworks > Ir302 Firmware > 3.5.4

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2022-24910 Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4.
local
low complexity
inhandnetworks CWE-120
6.7
6.7
2022-05-12 CVE-2022-25172 Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-732
6.1
6.1
2022-05-12 CVE-2022-25995 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks
8.8
8.8
2022-05-12 CVE-2022-26002 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
7.2
7.2
2022-05-12 CVE-2022-26007 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-78
7.2
7.2
2022-05-12 CVE-2022-26780 Improper Input Validation vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-20
8.8
8.8
2022-05-12 CVE-2022-26781 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
8.8
8.8
2022-05-12 CVE-2022-26782 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
8.8
8.8
2022-05-12 CVE-2022-27172 Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37.
network
low complexity
inhandnetworks CWE-798
8.8
8.8