Vulnerabilities > Inhandnetworks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-30543 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. | 8.8 |
| 2022-05-12 | CVE-2022-21182 | Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.4 A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
| 2022-05-12 | CVE-2022-21238 | Cross-site Scripting vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-12 | CVE-2022-21809 | Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. | 8.1 |
| 2022-05-12 | CVE-2022-24910 | Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. | 6.7 |
| 2022-05-12 | CVE-2022-25172 | Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-12 | CVE-2022-25995 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. | 8.8 |
| 2022-05-12 | CVE-2022-26002 | Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. | 7.2 |
| 2022-05-12 | CVE-2022-26007 | OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. | 7.2 |
| 2022-05-12 | CVE-2022-26020 | Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37 An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. | 6.5 |