CVE-2022-26510
CVE-2022-26510 affects InHand Networks InRouter302 (V3.5.37). TALOS details a firmware-update vulnerability in the iburn upgrade flow: the upgrade.cgi API allows firmware updates without cryptographic signature verification; only a CRC32 check is performed, enabling an attacker to inject a backdo...