CVE-2022-26020
- EPSS 0.64%
- Veröffentlicht 12.05.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:19
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigg...
- EPSS 5.3%
- Veröffentlicht 12.05.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:18
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vu...
CVE-2022-26002
- EPSS 3.04%
- Veröffentlicht 12.05.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:18
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets...
- EPSS 2.48%
- Veröffentlicht 12.05.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:17
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger th...
CVE-2022-25172
- EPSS 0.88%
- Veröffentlicht 12.05.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:51:44
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, ab...