Vulnerabilities > Inhandnetworks

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-30543 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45
A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45.
network
low complexity
inhandnetworks
8.8
2022-05-12 CVE-2022-21182 Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.4
A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks
8.8
2022-05-12 CVE-2022-21238 Cross-site Scripting vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4
A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4.
4.3
2022-05-12 CVE-2022-21809 Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-434
5.5
2022-05-12 CVE-2022-24910 Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4.
local
low complexity
inhandnetworks CWE-120
4.6
2022-05-12 CVE-2022-25172 Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-732
6.1
2022-05-12 CVE-2022-25995 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks
critical
9.0
2022-05-12 CVE-2022-26002 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
6.5
2022-05-12 CVE-2022-26007 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-78
critical
9.0
2022-05-12 CVE-2022-26020 Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-798
6.5