CVE-2022-24910

Name of the Vulnerable Software and Affected Versions InHand Networks InRouter302 version 3.5.4

Description A buffer overflow vulnerability exists in the httpd parse ping result API functionality. This issue is related to copying a buffer without checking the size of the input data, which can be exploited by sending a specially-crafted file or a sequence of requests, potentially leading to remote code execution.

Recommendations For InHand Networks InRouter302 version 3.5.4, consider disabling the parse ping result API functionality as a temporary workaround until a patch is available. Restrict access to the httpd functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.