Lucene search
TalosCVELIST:CVE-2022-26510HistoryMay 12, 2022 - 5:01 p.m.
CVE-2022-26510
2022-05-1217:01:48
CWE-347
talos
www.cve.org
5
firmware
update
vulnerability
inhand networks
inrouter302
http request
attack
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
18.2%
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.
CNA Affected
[
{
"product": "InRouter302",
"vendor": "InHand Networks",
"versions": [
{
"status": "affected",
"version": "V3.5.37"
}
]
}
]Related
cve
cve
CVE-2022-26510
2022-05-12 17:15:10
talos
talos
cnvd
cnvd
InHand Networks InRouter302 Firmware Update Vulnerability
2022-05-16 00:00:00
prion
prion
Design/Logic Flaw
2022-05-12 17:15:00
nvd
nvd
CVE-2022-26510
2022-05-12 17:15:10
talosblog
talosblog
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
18.2%
Related for CVELIST:CVE-2022-26510