Lucene search
K

466 matches found

Cvelist
Cvelist
added 2023/01/12 10:27 p.m.26 views

CVE-2023-22597

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An...

6.5CVSS6.9AI score0.00513EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.4 views

PT-2023-1075 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper neutralization of special elements used in an OS command, whi...

9CVSS7.2AI score0.01638EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.3 views

InHand Networks InRouter302 安全漏洞

The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, InRouter615 version prior to V2.3.0.r5542, which stems from improper access control...

10CVSS8AI score0.00492EPSS
Exploits0References2
CISA
CISA
added 2023/01/12 12:0 a.m.17 views

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.8AI score
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.5 views

PT-2023-2790 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of insufficiently random values, specifically with the MQTT...

10CVSS8.2AI score0.00563EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.4 views

PT-2023-1283 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper access control in the software of InHand Networks InRouter 30...

10CVSS8AI score0.00492EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/01/03 12:0 a.m.4 views

PT-2023-1274 · Inhand Networks · Inrouter302 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of a one-way hash with a predictable salt, allowing an...

9.1CVSS9AI score0.00321EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/03 12:0 a.m.6 views

PT-2023-1275 · Inhand Networks · Inrouter302 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of an unsecured channel for data transmission by default, whic...

6.5CVSS6.3AI score0.00513EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2022/11/13 12:0 a.m.9 views

InHand Networks InRouter 900 Industrial 4G Router Command Injection (CVE-2022-27268; CVE-2022-27273; CVE-2022-27275; CVE-2022-27276)

A command injection vulnerability exists in InHand Networks InRouter 900 Industrial 4G Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS6.2AI score0.03592EPSS
Exploits4
OSV
OSV
added 2022/11/09 6:15 p.m.5 views

CVE-2022-29888

A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability...

8.1CVSS5.9AI score0.01487EPSS
Exploits1References2
NVD
NVD
added 2022/11/09 6:15 p.m.27 views

CVE-2022-30543

A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability...

8.8CVSS0.0085EPSS
Exploits1References2
NVD
NVD
added 2022/11/09 6:15 p.m.30 views

CVE-2022-28689

A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...

8.8CVSS0.00905EPSS
Exploits0References2
NVD
NVD
added 2022/11/09 6:15 p.m.27 views

CVE-2022-29481

A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability...

6.5CVSS0.00765EPSS
Exploits1References2
NVD
NVD
added 2022/11/09 6:15 p.m.24 views

CVE-2022-25932

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability...

9.8CVSS0.00642EPSS
Exploits0References2
NVD
NVD
added 2022/11/09 6:15 p.m.15 views

CVE-2022-26023

A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability...

6.5CVSS0.00771EPSS
Exploits1References2
Prion
Prion
added 2022/11/09 6:15 p.m.23 views

Information disclosure

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability...

7.5CVSS9.3AI score0.00642EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/09 6:15 p.m.22 views

Code injection

A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability...

4CVSS6.4AI score0.00771EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/11/09 6:15 p.m.18 views

Code injection

A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability...

4CVSS6.4AI score0.00765EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/11/09 6:15 p.m.21 views

Design/Logic Flaw

A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability...

5.5CVSS8.1AI score0.01487EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/11/09 6:15 p.m.21 views

Code injection

A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...

6.5CVSS8.8AI score0.00905EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder