3 matches found
CVE-2022-26075
An OS command injection vulnerability exists in the console infactorywlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26075
An OS command injection vulnerability exists in the console infactorywlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26075
CVE-2022-26075 affects InHand Networks InRouter302 (V3.5.37). A vulnerability in the console’s wlan_functionality (infactory_wlan) allows OS command injection via an unsanitized third argument, which is passed to system(). An attacker with access to the wlan/factory mode could execute arbitrary c...