CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22601
https://notcve.org/view.php?id=CVE-2023-22601
12 Jan 2023 — InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this parameter and use it to gather additional information about other InHand devices managed on the same cloud platform. InHand Networks InRouter 302, anterior a la versión IR302 V3.5.56, e InRouter 615, anterior a la versió... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03 • CWE-330: Use of Insufficiently Random Values •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22600
https://notcve.org/view.php?id=CVE-2023-22600
12 Jan 2023 — InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. They allow unauthenticated devices to subscribe to MQTT topics on the same network as the device manager. An unauthorized user who knows of an existing topic name could send and receive messages to and from that topic. This includes the ability to send GET/SET configuration commands, reboot commands, and push firmware updates. In... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03 • CWE-284: Improper Access Control •
CVSS: 9.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22599
https://notcve.org/view.php?id=CVE-2023-22599
12 Jan 2023 — InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These credentials are encoded using a hardcoded string into an MD5 hash. This string could be easily calculated by an unauthorized user who spoofed sending an HTTP/HTTPS request to the devices. This could result in the aff... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03 • CWE-760: Use of a One-Way Hash with a Predictable Salt •
CVSS: 8.3EPSS: 13%CPEs: 4EXPL: 0CVE-2023-22598
https://notcve.org/view.php?id=CVE-2023-22598
12 Jan 2023 — InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). An unauthorized user with privileged access to the local web interface or the cloud account managing the affected devices could push a specially crafted configuration update file to gain root access. This could lead to remote code execution with root privileges. In... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22597
https://notcve.org/view.php?id=CVE-2023-22597
12 Jan 2023 — InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could intercept this communication and steal sensitive information such as configuration information and MQTT credentials; this could allow MQTT command injection. InHand Networks InRouter 302, anterior a ... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-30543
https://notcve.org/view.php?id=CVE-2022-30543
09 Nov 2022 — A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad de infección de la consola de InHand Networks InRouter302 V3.5.45. Una serie de solicitudes de red especialmente manipuladas pueden conducir a la... • https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf • CWE-489: Active Debug Code •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-29888
https://notcve.org/view.php?id=CVE-2022-29888
09 Nov 2022 — A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad upload.cgi del puerto httpd 4444 de InHand Networks InRouter302 V3.5.45. Una solicitud HTTP especialmente manipulada puede provocar la eliminación arbitraria de un ... • https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf • CWE-489: Active Debug Code •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-29481
https://notcve.org/view.php?id=CVE-2022-29481
09 Nov 2022 — A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad nvram de la consola de InHand Networks InRouter302 V3.5.45. Una serie de solicitudes de red especialmente manipuladas pueden provocar la desactivación d... • https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf • CWE-489: Active Debug Code •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28689
https://notcve.org/view.php?id=CVE-2022-28689
09 Nov 2022 — A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad de soporte de la consola de InHand Networks InRouter302 V3.5.45. Una solicitud de red especialmente manipulada puede conducir a la ejecución de un comando arbitr... • https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf • CWE-489: Active Debug Code •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-26023
https://notcve.org/view.php?id=CVE-2022-26023
09 Nov 2022 — A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad de verificación de la consola de InHand Networks InRouter302 V3.5.45. Una serie de solicitudes de red especialmente manipuladas pueden provocar la desa... • https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf • CWE-489: Active Debug Code •