CVE-2021-38486

Name of the Vulnerable Software and Affected Versions InHand Networks IR615 Router versions 2.3.0.r4724 through 2.3.0.r4870

Description The issue allows for self-registration of the affected product without any requirements to create an account, which may allow an attacker to have full control over the product and execute code within the internal network to which the product is connected.

Recommendations For versions 2.3.0.r4724 and 2.3.0.r4870, consider disabling the self-registration feature in the cloud portal to prevent unauthorized access until a patch is available. Restrict access to the cloud portal to minimize the risk of exploitation.