Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-21182 | 1 Inhandnetworks | 2 Inrouter302, Inrouter302 Firmware | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | |||||
CVE-2022-21809 | 1 Inhandnetworks | 2 Inrouter302, Inrouter302 Firmware | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. | |||||
CVE-2022-21238 | 1 Inhandnetworks | 2 Inrouter302, Inrouter302 Firmware | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability. |