CVE-2022-25995

Name of the Vulnerable Software and Affected Versions InHand Networks InRouter302 version 3.5.4

Description A command execution vulnerability exists in the console inhand functionality, allowing an attacker to execute arbitrary commands by sending a specially-crafted network request. This vulnerability can be exploited remotely, potentially enabling an attacker to execute arbitrary code or commands.

Recommendations For InHand Networks InRouter302 version 3.5.4, consider restricting access to the console inhand functionality until a patch is available. As a temporary workaround, limit the ability to send specially-crafted network requests to the vulnerable device. At the moment, there is no information about a newer version that contains a fix for this vulnerability.