Vulnerabilities > Inhandnetworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-10 | CVE-2022-27279 | Path Traversal vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0. | 7.5 |
| 2021-10-19 | CVE-2021-38464 | Inadequate Encryption Strength vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session. | 7.4 |
| 2021-10-19 | CVE-2021-38480 | Unspecified vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. | 8.8 |
| 2021-10-19 | CVE-2021-38484 | Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. | 7.2 |
| 2021-10-19 | CVE-2021-38486 | Missing Authorization vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requirements to create an account, which may allow an attacker to have full control over the product and execute code within the internal network to which the product is connected. | 8.5 |