Vulnerabilities > Inhandnetworks > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2023-22597 | Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. | 5.9 |
| 2022-11-09 | CVE-2022-26023 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-11-09 | CVE-2022-29481 | Unspecified vulnerability in Inhandnetworks Ir302 Firmware 3.5.45 A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. | 6.5 |
| 2022-05-12 | CVE-2022-21238 | Cross-site Scripting vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. | 4.3 |
| 2022-05-12 | CVE-2022-21809 | Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Inrouter302 Firmware 3.5.37/3.5.4 A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. | 5.5 |
| 2022-05-12 | CVE-2022-24910 | Classic Buffer Overflow vulnerability in Inhandnetworks Ir302 Firmware A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. | 4.6 |
| 2022-05-12 | CVE-2022-25172 | Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-12 | CVE-2022-26002 | Out-of-bounds Write vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. | 6.5 |
| 2022-05-12 | CVE-2022-26020 | Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37 An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. | 6.5 |
| 2022-05-12 | CVE-2022-26042 | OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.37 An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. | 6.5 |