29 matches found
CVE-2023-22599
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...
CVE-2023-22599
InRouter 302 (all versions prior to IR302 V3.5.56) and InRouter 615 (all versions prior to InRouter6XX-S-V2.3.0.r5542) are affected by CWE-760: Use of a One-way Hash with a Predictable Salt. The MQTT credentials are encoded using a hardcoded string in an MD5 hash, which an unauthenticated attacke...
CVE-2023-22597
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An...
CVE-2023-22597
InHand Networks InRouter302 (pre-IR302 v3.5.56) and InRouter615 (pre-InRouter6XX-S-V2.3.0.r5542) are affected by CWE-319: Cleartext Transmission of Sensitive Information. The devices communicate with the cloud over an unsecured channel by default, allowing an attacker to intercept configuration d...
PT-2023-2790 · Inhand Networks · Inrouter 615 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of insufficiently random values, specifically with the MQTT...
PT-2023-1283 · Inhand Networks · Inrouter 615 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper access control in the software of InHand Networks InRouter 30...
PT-2023-1075 · Inhand Networks · Inrouter 615 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper neutralization of special elements used in an OS command, whi...
PT-2023-1274 · Inhand Networks · Inrouter302 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of a one-way hash with a predictable salt, allowing an...
PT-2023-1275 · Inhand Networks · Inrouter302 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of an unsecured channel for data transmission by default, whic...