2 matches found
CVE-2022-21809
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability...
CVE-2022-21809
CVE-2022-21809 affects InHand Networks InRouter302 (V3.5.4). TALOS-2022-1468 documents a file-write vulnerability in the httpd upload.cgi endpoint: an attacker can upload arbitrary files by crafting a POST to upload.cgi, potentially leading to remote code execution. The flaw stems from how upload...