Inhandnetworks

Ir302 Firmware

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-26518

Exploit
  • EPSS 6.89%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:54:06

An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of reque...

6.7

CVE-2022-24910

Exploit
  • EPSS 3.13%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:51:22

A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vul...

9

CVE-2022-26420

Exploit
  • EPSS 9.06%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:54

An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requ...

8.8

CVE-2022-26085

Exploit
  • EPSS 2.66%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:24

An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to ...

9

CVE-2022-26075

Exploit
  • EPSS 9.06%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:23

An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requ...

8.8

CVE-2022-26042

Exploit
  • EPSS 2.61%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:20

An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trig...

6.5

CVE-2022-26020

Exploit
  • EPSS 0.26%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:19

An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigg...

9

CVE-2022-26007

Exploit
  • EPSS 3.54%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:18

An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vu...

7.2

CVE-2022-26002

Exploit
  • EPSS 7.73%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:18

A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets...

9

CVE-2022-25995

Exploit
  • EPSS 1.88%
  • Veröffentlicht 12.05.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:17

A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger th...