Vulnerabilities > Inhandnetworks > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-12 CVE-2023-22598 Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').
network
low complexity
inhandnetworks
7.2
7.2
2023-01-12 CVE-2023-22600 Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control.
network
high complexity
inhandnetworks
8.1
8.1
2023-01-12 CVE-2023-22601 Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters.
network
low complexity
inhandnetworks
8.6
8.6
2022-11-09 CVE-2022-28689 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45
A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45.
network
low complexity
inhandnetworks
8.8
8.8
2022-11-09 CVE-2022-29888 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45
A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45.
network
low complexity
inhandnetworks
8.1
8.1
2022-11-09 CVE-2022-30543 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45
A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45.
network
low complexity
inhandnetworks
8.8
8.8
2022-05-12 CVE-2022-21182 Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.4
A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks
8.8
8.8
2022-05-12 CVE-2022-21809 Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-434
8.1
8.1
2022-05-12 CVE-2022-25995 Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks
8.8
8.8
2022-05-12 CVE-2022-26002 Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-787
7.2
7.2