2 matches found
CVE-2023-22599
InRouter 302 (all versions prior to IR302 V3.5.56) and InRouter 615 (all versions prior to InRouter6XX-S-V2.3.0.r5542) are affected by CWE-760: Use of a One-way Hash with a Predictable Salt. The MQTT credentials are encoded using a hardcoded string in an MD5 hash, which an unauthenticated attacke...
CVE-2023-22598
CVE-2023-22598 affects InHand Networks InRouter 302 (pre-3.5.56) and InRouter 615 (pre-2.3.0.r5542). The vulnerability is an OS command injection (CWE-78) allowing an unauthorized user with privileged access to the local web interface or cloud account to push a crafted configuration update to gai...