Show filters
21 Total Results
Displaying 1-10 of 21
Sort by:
Attacker Value
Unknown

CVE-2022-29481

Disclosure Date: October 27, 2022 (last updated December 22, 2024)
A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-29888

Disclosure Date: October 27, 2022 (last updated December 22, 2024)
A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-30543

Disclosure Date: October 27, 2022 (last updated December 22, 2024)
A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-28689

Disclosure Date: October 27, 2022 (last updated December 22, 2024)
A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-26023

Disclosure Date: October 27, 2022 (last updated December 22, 2024)
A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-25995

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-26002

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-26020

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-26085

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-26042

Disclosure Date: May 10, 2022 (last updated February 23, 2025)
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.