PT-2021-22140 · Inhand Networks · Inhand Networks Ir615 Router

Published: 2021-10-19 · Updated: 2021-10-22 · CVE-2021-38466

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions

InHand Networks IR615 Router versions 2.3.0.r4724 through 2.3.0.r4870

Description

The issue concerns insufficient input validation on client requests from the help page, potentially allowing an attacker to perform a reflected cross-site scripting attack. This could enable an attacker to run code on behalf of the client browser.

Recommendations

For versions 2.3.0.r4724 and 2.3.0.r4870, consider disabling access to the help page until a patch is available to prevent potential exploitation. Apply strict input validation to minimize the risk of reflected cross-site scripting attacks.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2021-38466

Affected Products

Inhand Networks Ir615 Router