Vulnerabilities > Inhandnetworks > Ir302 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2022-26518 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37.
network
low complexity
inhandnetworks CWE-78
8.8
8.8
2022-05-12 CVE-2022-26780 Improper Input Validation vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-20
8.8
8.8
2022-05-12 CVE-2022-26781 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
8.8
8.8
2022-05-12 CVE-2022-26782 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
8.8
8.8
2022-05-12 CVE-2022-27172 Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37.
network
low complexity
inhandnetworks CWE-798
8.8
8.8