CVE-2022-29481

A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf	Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1518	Exploit Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:*:*:*:*:*:*:*

cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*

History

10 Nov 2022, 15:49

Type	Values Removed	Values Added
CWE	~~CWE-489~~	NVD-CWE-Other
References	~~(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1518 -~~	(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1518 - Exploit, Technical Description, Third Party Advisory
References	~~(CONFIRM) https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf -~~	(CONFIRM) https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf - Vendor Advisory
CPE		cpe:2.3:h:inhandnetworks:ir302:-:::::::* cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

09 Nov 2022, 18:56

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-11-09 18:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-29481

Mitre link : CVE-2022-29481

CVE.ORG link : CVE-2022-29481

JSON object : View

Products Affected

inhandnetworks

ir302_firmware
ir302

CWE

NVD-CWE-Other CWE-489

Active Debug Code

{"id": "CVE-2022-29481", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-11-09T18:15:14.320", "references": [{"url": "https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf", "tags": ["Vendor Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1518", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-489"}]}], "descriptions": [{"lang": "en", "value": "A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de c\u00f3digo de depuraci\u00f3n sobrante en la funcionalidad nvram de la consola de InHand Networks InRouter302 V3.5.45. Una serie de solicitudes de red especialmente manipuladas pueden provocar la desactivaci\u00f3n de funciones de seguridad. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad."}], "lastModified": "2022-11-10T15:49:29.683", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCD75096-9011-4F14-BE6C-B64A187954F0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0E358655-E442-4D2C-B0B8-03C6780EC55C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}