Vulnerabilities > Inhandnetworks > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2023-22597 | Unspecified vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. | 5.9 |
| 2022-11-09 | CVE-2022-26023 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-11-09 | CVE-2022-29481 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-05-12 | CVE-2022-21238 | Cross-site Scripting vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-12 | CVE-2022-24910 | Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. | 6.7 |
| 2022-05-12 | CVE-2022-25172 | Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-12 | CVE-2022-26020 | Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37 An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. | 6.5 |
| 2022-05-12 | CVE-2022-26510 | Improper Verification of Cryptographic Signature vulnerability in Inhandnetworks Ir302 Firmware 3.5.37 A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. | 6.5 |
| 2022-04-10 | CVE-2022-27280 | Cross-site Scripting vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi. | 5.4 |
| 2021-10-19 | CVE-2021-38466 | Unspecified vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the help page. | 6.1 |