Filtered by vendor Inhandnetworks
Subscriptions
Filtered by product Ir302
Subscriptions
Total
21 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-29481 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 6.5 Medium |
A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26002 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 7.2 High |
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. | ||||
CVE-2022-26023 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 6.5 Medium |
A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26518 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 8.8 High |
An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26075 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 8.8 High |
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26782 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 8.8 High |
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | ||||
CVE-2022-26085 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 8.8 High |
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | ||||
CVE-2022-26420 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-17 | 8.8 High |
An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26007 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 7.2 High |
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-25995 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-27172 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26780 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | ||||
CVE-2022-28689 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-29888 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.1 High |
A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability. | ||||
CVE-2022-26020 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 6.5 Medium |
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | ||||
CVE-2022-30543 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-24910 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 6.7 Medium |
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26510 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 6.5 Medium |
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2022-26781 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | ||||
CVE-2022-26042 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-09-16 | 8.8 High |
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. |