501 matches found
CVE-2022-26518
An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26518
An InRouter302 (InHand Networks) OS command injection vulnerability exists in the console infactory_net functionality (V3.5.37). TALOS-2022-1501 shows the net_functionality path parses a first argument and optionally a second; when the second argument is supplied as part of the test branch, i...
CVE-2022-26510
CVE-2022-26510 affects InHand Networks InRouter302 (V3.5.37). TALOS details a firmware-update vulnerability in the iburn upgrade flow: the upgrade.cgi API allows firmware updates without cryptographic signature verification; only a CRC32 check is performed, enabling an attacker to inject a backdo...
CVE-2022-26510
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26420
An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26420
CVE-2022-26420 affects InHand Networks InRouter302 (V3.5.37). TALOS notes an OS command injection in the console infactory_port, where unvalidated input can be passed to system to execute arbitrary commands. The InRouter302 exposes a factory/console flow that allows constructing command strings (...
CVE-2022-26085
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2022-26085
InRouter302 (InHand Networks) V3.5.4 contains an OS command injection in the httpd wlscan_ASP function. TALOS-2022-1473 documents that an authenticated HTTP request can trigger arbitrary command execution via the wlscan_ASP path, using nvram-derived values and popen to execute system commands. CV...
CVE-2022-26075
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26075
CVE-2022-26075 affects InHand Networks InRouter302 (V3.5.37). A vulnerability in the console’s wlan_functionality (infactory_wlan) allows OS command injection via an unsanitized third argument, which is passed to system(). An attacker with access to the wlan/factory mode could execute arbitrary c...
CVE-2022-26042
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26042
InRouter302 (InHand) with firmware 3.5.4 has an OS command-injection in the daretools binary. TALOS-2022-1478 shows the HTTP server and a debug inhand function enabling a user with a hard-coded password to run the daretools binary, which then accepts lines; if a line starts with a or r, it calls ...
CVE-2022-26020
InRouter302 (InHand Networks) with firmware 3.5.4 is affected by an information-disclosure vulnerability in the router’s configuration export feature. Talos’ write-up (TALOS-2022-1474) shows that nvram configuration data is downloadable via config.dat, and encryption of entries uses a hard-coded ...
CVE-2022-26020
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-26007
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26007
CVE-2022-26007 corresponds to an InHand InRouter302 OS command injection in the console factory. A privileged user can pass a crafted token to the factory command (via iwpriv) that is concatenated and passed to system(), enabling arbitrary command execution. Talos details show potential chainabil...