Lucene search
K

466 matches found

Positive Technologies
Positive Technologies
added 2022/04/10 12:0 a.m.5 views

PT-2022-18346 · Inhand Networks · Inrouter 900 Industrial 4G Router

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to v1.0.0.r11700 Description: The issue is related to a remote code execution RCE vulnerability. It is triggered via a crafted packet and involves the function sub 1791C...

9.8CVSS9.6AI score0.03252EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/10 12:0 a.m.5 views

InHand Networks InRouter 900 操作系统命令注入漏洞

The InHand Networks InRouter 900 is a series of industrial routers from InHand Networks, U.S.A. A security vulnerability exists in the InHand Networks InRouter 900 Industrial 4G Router, and no details of the vulnerability are currently available...

9.8CVSS5.5AI score0.03252EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/04/10 12:0 a.m.6 views

PT-2022-18349 · Inhand Networks · Inrouter 900 Industrial 4G Router

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to v1.0.0.r11700 Description: The issue is related to a remote code execution vulnerability. It is triggered via a crafted packet and involves the function sub 122D0...

9.8CVSS9.6AI score0.03252EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/04/10 12:0 a.m.6 views

PT-2022-18345 · Inhand Networks · Inrouter 900

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to v1.0.0.r11700 Description: The issue is related to a remote code execution vulnerability triggered by a crafted packet via the python-lib component. Recommendations: For...

9.8CVSS9.6AI score0.03252EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/04/10 12:0 a.m.5 views

PT-2022-18347 · Inhand Networks · Inrouter 900 Industrial 4G Router

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to 1.0.0.r11700 Description: A remote code execution issue was discovered, which can be triggered by a crafted packet via the function sub 12168. Recommendations: For versions...

9.8CVSS9.6AI score0.03252EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/04/10 12:0 a.m.6 views

PT-2022-18341 · Inhand Networks · Inrouter 900 Industrial 4G Router

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to 1.0.0.r11700 Description: A remote code execution issue was discovered in the get cgi from memory component. This issue can be triggered by a crafted packet, allowing for...

9.8CVSS9.6AI score0.03592EPSS
Exploits1References4
NVD
NVD
added 2021/10/19 1:15 p.m.11 views

CVE-2021-38470

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device...

9.1CVSS0.01091EPSS
Exploits0References1
OSV
OSV
added 2021/10/19 1:15 p.m.6 views

CVE-2021-38484

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in cross-site scriptin...

7.2CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2021/10/19 1:15 p.m.6 views

CVE-2021-38476

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts...

5.3CVSS5.8AI score0.00736EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.10 views

CVE-2021-38468

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system...

8.7CVSS0.00537EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.16 views

CVE-2021-38478

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device...

9.1CVSS0.01091EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.12 views

CVE-2021-38474

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the product. This may allow an attacker to execute a brute-force password attack with no time limitation and without harming the normal operation of the user. Th...

9.8CVSS0.00661EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.8 views

CVE-2021-38472

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform...

4.7CVSS0.00652EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.23 views

CVE-2021-38486

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requirements to create an account, which may allow an attacker to have full control over the product and execute code within the internal network to...

8.5CVSS0.00751EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.16 views

CVE-2021-38482

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 website used to control the router is vulnerable to stored cross-site scripting, which may allow an attacker to hijack sessions of users connected to the system...

8.7CVSS0.00537EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.22 views

CVE-2021-38484

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in cross-site scriptin...

9.1CVSS0.02597EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.10 views

CVE-2021-38480

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management portal, such as makin...

9.6CVSS0.00527EPSS
Exploits0References1
NVD
NVD
added 2021/10/19 1:15 p.m.12 views

CVE-2021-38476

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts...

6.5CVSS0.00736EPSS
Exploits0References1
OSV
OSV
added 2021/10/19 1:15 p.m.5 views

CVE-2021-38472

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform...

4.7CVSS5.8AI score0.00652EPSS
Exploits0References1
OSV
OSV
added 2021/10/19 1:15 p.m.4 views

CVE-2021-38468

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system...

4.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder