Ir302 Firmware@3.5.37 Security Vulnerabilities and Issues — Ir302 Firmware@3.5.37 CVE List

Lucene search

InhandnetworksIr302 Firmware3.5.37

7 matches found

CVE•added 2022/05/12 5:15 p.m.•63 views

CVE-2022-26020

An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

6.5CVSS6.3AI score0.00263EPSS

CVE•added 2022/05/12 5:15 p.m.•59 views

CVE-2022-26042

An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.9CVSS8.9AI score0.02629EPSS

CVE•added 2022/05/12 5:15 p.m.•58 views

CVE-2022-26420

An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.9CVSS9AI score0.09335EPSS

CVE•added 2022/05/12 5:15 p.m.•57 views

CVE-2022-26075

An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.9CVSS9AI score0.09335EPSS

CVE•added 2022/05/12 5:15 p.m.•53 views

CVE-2022-26085

An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

9.9CVSS8.8AI score0.02675EPSS

CVE•added 2022/05/12 5:15 p.m.•51 views

CVE-2022-26510

A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.

9.9CVSS6.6AI score0.00487EPSS

CVE•added 2022/05/12 5:15 p.m.•44 views

CVE-2022-26518

An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.9CVSS9AI score0.07104EPSS