Lucene search
TalosCVELIST:CVE-2022-26075HistoryMay 12, 2022 - 5:01 p.m.
CVE-2022-26075
2022-05-1217:01:43
CWE-78
talos
www.cve.org
2
command injection
network requests
remote code execution
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.003
Percentile
69.0%
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CNA Affected
[
{
"product": "InRouter302",
"vendor": "InHand Networks",
"versions": [
{
"status": "affected",
"version": "V3.5.37"
}
]
}
]Related
cnvd
cnvd
talos
talos
nvd
nvd
CVE-2022-26075
2022-05-12 17:15:10
cve
cve
CVE-2022-26075
2022-05-12 17:15:10
prion
prion
Command injection
2022-05-12 17:15:00
talosblog
talosblog
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.003
Percentile
69.0%
Related for CVELIST:CVE-2022-26075