Vulnerabilities > Inhandnetworks > Ir302 Firmware > 3.5.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-12 | CVE-2022-24910 | Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. | 6.7 |
2022-05-12 | CVE-2022-25172 | Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
2022-05-12 | CVE-2022-25995 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
2022-05-12 | CVE-2022-26002 | Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. | 7.2 |
2022-05-12 | CVE-2022-26007 | OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. | 7.2 |
2022-05-12 | CVE-2022-26780 | Improper Input Validation vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
2022-05-12 | CVE-2022-26781 | Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
2022-05-12 | CVE-2022-26782 | Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
2022-05-12 | CVE-2022-27172 | Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. | 8.8 |