Multiple vulnerabilities in InHand Networks InRouter302



Risk Medium
Patch available YES
Number of vulnerabilities 19
CVE-ID CVE-2022-26042
CVE-2022-26510
CVE-2022-21238
CVE-2022-21182
CVE-2022-25172
CVE-2022-26782
CVE-2022-26781
CVE-2022-26780
CVE-2022-26075
CVE-2022-26420
CVE-2022-25995
CVE-2022-26020
CVE-2022-21809
CVE-2022-26007
CVE-2022-26085
CVE-2022-26002
CVE-2022-27172
CVE-2022-24910
CVE-2022-26518
CWE-ID CWE-78
CWE-347
CWE-79
CWE-284
CWE-1004
CWE-121
CWE-489
CWE-321
CWE-377
CWE-259
CWE-119
Exploitation vector Network
Public exploit Public exploit code for vulnerability #6 is available.
Public exploit code for vulnerability #7 is available.
Public exploit code for vulnerability #8 is available.
Vulnerable software
InRouter302
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor InHand Networks

Security Bulletin

This security bulletin contains information about 19 vulnerabilities.

1) OS Command Injection

EUVDB-ID: #VU63204

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26042

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the daretools binary functionality. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1478
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU63224

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26510

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a signature management issue in the iburn firmware checks functionality. A remote user can send a specially crafted request and update the firmware.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1495
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cross-site scripting

EUVDB-ID: #VU63223

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21238

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the info.jsp functionality. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1469


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU63222

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21182

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the router configuration import functionality. A remote user can send a specially crafted HTTP request and increase privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1472
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Sensitive Cookie Without 'HttpOnly' Flag

EUVDB-ID: #VU63221

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-25172

CWE-ID: CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the "HTTPOnly" flag is not set in the web interface session cookie functionality. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1470


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Stack-based buffer overflow

EUVDB-ID: #VU63220

Risk: Medium

CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-26782

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the libnvram.so nvram_import functionality in the httpd’s user_define_set_item function. A remote user can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1481


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

7) Stack-based buffer overflow

EUVDB-ID: #VU63219

Risk: Medium

CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-26781

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the libnvram.so nvram_import functionality in the httpd’s user_define_print function. A remote user can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1481


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

8) Stack-based buffer overflow

EUVDB-ID: #VU63218

Risk: Medium

CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-26780

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the libnvram.so nvram_import functionality in the httpd’s user_define_init function. A remote user can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1481


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

9) OS Command Injection

EUVDB-ID: #VU63217

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26075

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the console infactory_wlan functionality. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1500
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) OS Command Injection

EUVDB-ID: #VU63214

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26420

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the console infactory_port functionality. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1499
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Active Debug Code

EUVDB-ID: #VU63213

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-25995

CWE-ID: CWE-489 - Active Debug Code

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to active debug code issue in the console inhand functionality. A remote user can send a specially crafted request and execute arbitrary commands.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1477
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use of Hard-coded Cryptographic Key

EUVDB-ID: #VU63212

Risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26020

CWE-ID: CWE-321 - Use of Hard-coded Cryptographic Key

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected product has a hardcoded private key in the router configuration export functionality. A remote user can increased privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1474
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Insecure Temporary File

EUVDB-ID: #VU63211

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21809

CWE-ID: CWE-377 - Insecure Temporary File

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a file write issue in the httpd upload.cgi functionality. A remote user can upload a malicious file and execute it on the server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1468
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) OS Command Injection

EUVDB-ID: #VU63210

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26007

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the console factory functionality. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1475
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) OS Command Injection

EUVDB-ID: #VU63209

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26085

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the httpd wlscan_ASP functionality. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1473
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Stack-based buffer overflow

EUVDB-ID: #VU63208

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26002

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the console factory functionality. A remote administrator can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1476
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use of Hard-coded Password

EUVDB-ID: #VU63207

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27172

CWE-ID: CWE-259 - Use of Hard-coded Password

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system. 

The vulnerability exists due to the software contains a hard-coded password in the console infactory functionality. A remote user can cause privileged operation execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1496
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Buffer overflow

EUVDB-ID: #VU63206

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24910

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the httpd parse_ping_result API functionality. A remote administrator can create a specially crafted file, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf
http://talosintelligence.com/vulnerability_reports/TALOS-2022-1471


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) OS Command Injection

EUVDB-ID: #VU63205

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26518

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the console infactory_net functionality. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

InRouter302: 3.5.37

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1501
http://www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###