InHand Networks InRouter302缓冲区溢出漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, U.S.A. A buffer overflow vulnerability exists in InHand Networks InRouter302 version V3.5.4, which stems from the httpd parsepingresult API function A boundary error occurs when handling untrusted input, which can be...

CVE-2022-24910

A buffer overflow vulnerability exists in the httpd parsepingresult API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...

Buffer overflow

A buffer overflow vulnerability exists in the httpd parsepingresult API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...

CVE-2022-24910

InRouter302 (InHand Networks) V3.5.4 contains a buffer overflow in the httpd parse_ping_result API. TALOS-2022-1471 shows that if an attacker manipulates /tmp/ping_result.txt (via the apply.cgi PING_Test path on port 4444), the code path reads long lines and uses sscanf into small buffers, enabli...