CVE-2021-38468

Name of the Vulnerable Software and Affected Versions InHand Networks IR615 Router versions 2.3.0.r4724 through 2.3.0.r4870

Description The issue concerns stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system.

Recommendations For versions 2.3.0.r4724 and 2.3.0.r4870, consider disabling access to potentially vulnerable endpoints until a patch is available. Restrict access to sensitive areas of the system to minimize the risk of session hijacking. At the moment, there is no information about a newer version that contains a fix for this vulnerability.