Information disclosure

2022-05-1217:15:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.8%

JSON

An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

CPENameOperatorVersion
ir302_firmwareeq3.5.37

CPE	Name	Operator	Version
	ir302_firmware	eq	3.5.37

References

talosintelligence.com/vulnerability_reports/TALOS-2022-1474

www.inhandnetworks.com/upload/attachment/202205/10/InHand-PSA-2022-01.pdf