CVE-2021-38462

Name of the Vulnerable Software and Affected Versions InHand Networks IR615 Router versions 2.3.0.r4724 through 2.3.0.r4870

Description The issue is related to the lack of an efficient password policy enforcement. This may allow an attacker with obtained user credentials to enumerate passwords and impersonate other application users, performing operations on their behalf.

Recommendations For versions 2.3.0.r4724 and 2.3.0.r4870, consider implementing a strong password policy to mitigate the risk of password enumeration and impersonation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.