CVE-2022-29888

A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf	Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1522	Exploit Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:*:*:*:*:*:*:*

cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*

History

10 Nov 2022, 15:22

Type	Values Removed	Values Added
References	~~(CONFIRM) https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf -~~	(CONFIRM) https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf - Vendor Advisory
References	~~(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1522 -~~	(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1522 - Exploit, Technical Description, Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.1
CPE		cpe:2.3:h:inhandnetworks:ir302:-:::::::* cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:::::::*
CWE	~~CWE-489~~	NVD-CWE-Other

09 Nov 2022, 18:56

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-11-09 18:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-29888

Mitre link : CVE-2022-29888

CVE.ORG link : CVE-2022-29888

JSON object : View

Products Affected

inhandnetworks

ir302_firmware
ir302

CWE

NVD-CWE-Other CWE-489

Active Debug Code

{"id": "CVE-2022-29888", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2022-11-09T18:15:14.643", "references": [{"url": "https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf", "tags": ["Vendor Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1522", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-489"}]}], "descriptions": [{"lang": "en", "value": "A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de c\u00f3digo de depuraci\u00f3n sobrante en la funcionalidad upload.cgi del puerto httpd 4444 de InHand Networks InRouter302 V3.5.45. Una solicitud HTTP especialmente manipulada puede provocar la eliminaci\u00f3n arbitraria de un archivo. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad."}], "lastModified": "2022-11-10T15:22:13.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCD75096-9011-4F14-BE6C-B64A187954F0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0E358655-E442-4D2C-B0B8-03C6780EC55C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}