Lucene search
K

466 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-26737

Malicious code in bioql PyPI...

10CVSS8.2AI score0.00492EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-26738

Malicious code in bioql PyPI...

10CVSS8.5AI score0.00563EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-31780

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.03252EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31781

Malicious code in bioql PyPI...

9.8CVSS9.5AI score0.03252EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-30576

Malicious code in bioql PyPI...

9.1CVSS8.2AI score0.05297EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.4 views

PT-2025-31190 · Undefined · Undefined

CISA Emergency Directive on Industrial Control Systems ICS CISA released Emergency Directive ED 25-03, addressing a critical remote code execution vulnerability CVE-2025-38810 in the "InHand Networks IR615" industrial cellular router. This device is commonly used for...

8.2AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:45 a.m.10 views

CVE-2023-22600

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. They allow unauthenticated devices to subscribe to MQTT topics on the same network as the device manager. An...

10CVSS7.2AI score0.00492EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:45 a.m.12 views

CVE-2023-22598

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'. An unauthorized user with privileged access to the...

7.2CVSS8AI score0.01638EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.8 views

CVE-2023-22599

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...

9.1CVSS7AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.9 views

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

10CVSS6.7AI score0.00563EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.10 views

CVE-2022-27277

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub17C08...

9.1CVSS7.5AI score0.01352EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:36 p.m.12 views

CVE-2022-27270

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the component ipsecsecrets. This vulnerability is triggered via a crafted packet...

9.8CVSS8.3AI score0.03252EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:36 p.m.10 views

CVE-2022-27269

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the component configovpn. This vulnerability is triggered via a crafted packet...

9.8CVSS8.3AI score0.03592EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.9 views

CVE-2022-27268

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the component getcgifrommemory. This vulnerability is triggered via a crafted packet...

9.8CVSS8.2AI score0.03592EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.4 views

CVE-2022-27273

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the function sub12168. This vulnerability is triggered via a crafted packet...

9.8CVSS8.2AI score0.03252EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2023/05/15 1:24 p.m.4 views

Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology OT networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the...

10CVSS9.2AI score0.01638EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/02/03 12:0 a.m.5 views

The vulnerability of InHand Networks InRouter 302 and InRouter 615’s microprogramming software, related to deficiencies in access control, allows attackers to execute arbitrary commands.

The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the lack of access control mechanisms. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.2AI score0.00492EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/31 12:0 a.m.5 views

The vulnerability of the microprogrammed software consoles of InHand Networks’ InRouter302, due to security flaws in their mechanisms, allows attackers to execute arbitrary code or perform arbitrary commands.

The vulnerability of the microprogrammed software-based routers from InHand Networks, InRouter302, is related to deficiencies in security mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform arbitrary commands using a specially created request...

9.9CVSS8.2AI score0.02479EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/31 12:0 a.m.3 views

The vulnerability of the info.jsp component of InHand Networks’ InRouter302 microprogramming system allows attackers to execute cross-site scripting attacks.

The vulnerability of the info.jsp component of InHand Networks InRouter302 microprogramming system lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

5.8CVSS6AI score0.01362EPSS
Exploits1References4Affected Software1
The Hacker News
The Hacker News
added 2023/01/16 10:47 a.m.63 views

CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released several Industrial Control Systems ICS advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio...

10CVSS1.3AI score0.01236EPSS
Exploits0
Rows per page
Query Builder