InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. An information disclosure vulnerability exists in InHand Networks InRouter302 V3.5.4, which stems from the lack of the HttpOnly flag in the session cookie, which could be exploited by an attacker to The vulnerability stems from the lack of HttpOnly flag in the session cookie, which can be exploited by attackers to obtain the session cookie.