5 matches found
CVE-2022-28689
A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-28689
CVE-2022-28689 affects InHand Networks InRouter302 (v3.5.45). Talos reports a console debug leftover that allows arbitrary command execution when an attacker issues a crafted sequence of requests to the device’s console, enabling a hidden or legacy command path (e.g., a leftover “support” functio...
CVE-2022-28689
A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in InHand Networks InRouter302 that could allow an attacker to access the routers console and make changes to the routers settings, including security protocols. The InRout...
InHand Networks InRouter302 console support leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-28689 SUMMARY A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A...