3 matches found
CVE-2022-26020
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-26020
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-26020
InRouter302 (InHand Networks) with firmware 3.5.4 is affected by an information-disclosure vulnerability in the router’s configuration export feature. Talos’ write-up (TALOS-2022-1474) shows that nvram configuration data is downloadable via config.dat, and encryption of entries uses a hard-coded ...