CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.9CVSS7.7AI score0.01704EPSS

The vulnerability of the httpd upload.cgi component of InHand Networks’ InRouter302 microprogramming router software allows for unlimited uploading of dangerous files, enabling attackers to upload any desired files.

The vulnerability of the httpdupload.cgi component of InHand Networks’ InRouter302 microprogramming system involves unlimited uploading of dangerous files. Exploiting this vulnerability allows a malicious actor to upload any files into the system using a specially created HTTP request...

BDU FSTEC•added 2023/01/31 12:0 a.m.•3 views

The vulnerability of the firmware verification process for InHand Networks InRouter302, related to incorrect verification of the cryptographic signature, allows a perpetrator to perform an update of the firmware.

The vulnerability of the firmware verification process for InHand Networks InRouter302 lies in the improper verification of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to perform firmware updates through a specially crafted HTTP request...

9.9CVSS7.1AI score0.01223EPSS

BDU FSTEC•added 2023/01/31 12:0 a.m.•1 views

The vulnerability of the info.jsp component of InHand Networks’ InRouter302 microprogramming system allows attackers to execute cross-site scripting attacks.

The vulnerability of the info.jsp component of InHand Networks InRouter302 microprogramming system lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

5.8CVSS6AI score0.01362EPSS

9.9CVSS8.1AI score0.12653EPSS

The vulnerability of InHand Networks InRouter302’s microprogramming software arises from the failure to take measures to neutralize the special elements used in the operating system command set. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of InHand Networks InRouter302 microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

6.5CVSS6.8AI score0.00638EPSS

The vulnerability of InHand Networks InRouter302’s microprogramming software, which stems from the use of a rigidly encrypted cryptographic key, allows attackers to enhance their privileges and disclose protected information.

The vulnerability of InHand Networks InRouter302 microprogramming software lies in the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability allows a malicious actor to enhance their privileges and disclose protected information through a specially crafted HTTP request...

9.9CVSS8.2AI score0.02479EPSS

The vulnerability of the microprogrammed software consoles of InHand Networks’ InRouter302, due to security flaws in their mechanisms, allows attackers to execute arbitrary code or perform arbitrary commands.

The vulnerability of the microprogrammed software-based routers from InHand Networks, InRouter302, is related to deficiencies in security mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform arbitrary commands using a specially created request...

9.9CVSS8.1AI score0.08599EPSS

Exploits1References5Affected Software1

CNNVD•added 2023/01/12 12:0 a.m.•5 views

InHand Networks InRouter302 操作系统命令注入漏洞

The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. An operating system command injection vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, and the InRouter615 version prior to V2.3.0.r5542, which stems from improper neutralization ...

7.2CVSS7.4AI score0.01638EPSS

CNNVD•added 2023/01/12 12:0 a.m.•3 views

InHand Networks InRouter302 安全特征问题漏洞

The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. A security feature issue vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, and the InRouter615 version prior to V2.3.0.r5542, which stems from the use of an insufficiently randomiz...

10CVSS8.2AI score0.00563EPSS

CNNVD•added 2023/01/12 12:0 a.m.•4 views

InHand Networks InRouter302 安全漏洞

The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, InRouter615 version prior to V2.3.0.r5542, which stems from a one-way hash algorithm that uses predictable Salt...

9.1CVSS8.2AI score0.00321EPSS

CNNVD•added 2023/01/12 12:0 a.m.•2 views

InHand Networks InRouter302 安全漏洞

10CVSS8AI score0.00492EPSS

CNNVD•added 2023/01/12 12:0 a.m.•4 views

InHand Networks InRouter302 安全漏洞

The InHand Networks InRouter302 is an LTE cellular router from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter302 version prior to V3.5.56, and the InRouter615 version prior to V2.3.0.r5542, which stems from the plaintext transmission of sensitive information...

6.5CVSS6AI score0.00513EPSS

OSV•added 2022/11/09 6:15 p.m.•3 views

CVE-2022-29481

A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability...

6.5CVSS5.8AI score0.00765EPSS

Exploits1References2

OSV•added 2022/11/09 6:15 p.m.•1 views

CVE-2022-28689

A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...

8.8CVSS6AI score0.00905EPSS