Lucene search
K

4 matches found

NVD
NVD
added 2022/05/12 5:15 p.m.21 views

CVE-2022-26085

An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS0.12477EPSS
Exploits1References2
Prion
Prion
added 2022/05/12 5:15 p.m.15 views

Command injection

An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS8.9AI score0.12477EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/12 5:1 p.m.68 views

CVE-2022-26085

InRouter302 (InHand Networks) V3.5.4 contains an OS command injection in the httpd wlscan_ASP function. TALOS-2022-1473 documents that an authenticated HTTP request can trigger arbitrary command execution via the wlscan_ASP path, using nvram-derived values and popen to execute system commands. CV...

9.9CVSS8.8AI score0.12477EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/12 5:1 p.m.26 views

CVE-2022-26085

An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS9.1AI score0.12477EPSS
Exploits1References2
Rows per page
Query Builder