Lucene search
K

29 matches found

vulnrichment
vulnrichment
added 2023/01/12 10:31 p.m.11 views

CVE-2023-22599

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...

7CVSS9.3AI score0.00321EPSS
Exploits0References1
cve
cve
added 2023/01/12 10:31 p.m.48 views

CVE-2023-22599

InRouter 302 (all versions prior to IR302 V3.5.56) and InRouter 615 (all versions prior to InRouter6XX-S-V2.3.0.r5542) are affected by CWE-760: Use of a One-way Hash with a Predictable Salt. The MQTT credentials are encoded using a hardcoded string in an MD5 hash, which an unauthenticated attacke...

9.1CVSS9.1AI score0.00321EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/01/12 10:27 p.m.32 views

CVE-2023-22597

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An...

6.5CVSS6.9AI score0.00513EPSS
Exploits0References1
cve
cve
added 2023/01/12 10:27 p.m.58 views

CVE-2023-22597

InHand Networks InRouter302 (pre-IR302 v3.5.56) and InRouter615 (pre-InRouter6XX-S-V2.3.0.r5542) are affected by CWE-319: Cleartext Transmission of Sensitive Information. The devices communicate with the cloud over an unsecured channel by default, allowing an attacker to intercept configuration d...

6.5CVSS5.9AI score0.00513EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/01/12 12:0 a.m.6 views

PT-2023-2790 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of insufficiently random values, specifically with the MQTT...

10CVSS8.2AI score0.00563EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2023/01/12 12:0 a.m.5 views

PT-2023-1283 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper access control in the software of InHand Networks InRouter 30...

10CVSS8AI score0.00492EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2023/01/12 12:0 a.m.5 views

PT-2023-1075 · Inhand Networks · Inrouter 615 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to improper neutralization of special elements used in an OS command, whi...

9CVSS7.2AI score0.01638EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/01/03 12:0 a.m.5 views

PT-2023-1274 · Inhand Networks · Inrouter302 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of a one-way hash with a predictable salt, allowing an...

9.1CVSS9AI score0.00321EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/01/03 12:0 a.m.7 views

PT-2023-1275 · Inhand Networks · Inrouter302 +1

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of an unsecured channel for data transmission by default, whic...

6.5CVSS6.3AI score0.00513EPSS
Exploits0References5
Rows per page
Query Builder