wu610777031

11 exploits Active since Apr 2022
CVE-2022-27268 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component get_cgi_from_memory. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27269 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component config_ovpn. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27270 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component ipsec_secrets. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27271 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component python-lib. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27272 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_1791C. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27273 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27275 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27276 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware - OS Command Injection
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C. This vulnerability is triggered via a crafted packet.
CVSS 9.8
CVE-2022-27277 WRITEUP CRITICAL WRITEUP
Inhandnetworks Inrouter 900 Firmware < 1.0.0.r11700 - Path Traversal
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.
CVSS 9.1
CVE-2022-27279 WRITEUP HIGH WRITEUP
Inhandnetworks Inrouter 900 Firmware < 1.0.0.r11700 - Path Traversal
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0.
CVSS 7.5
CVE-2022-27280 WRITEUP MEDIUM WRITEUP
Inhandnetworks Inrouter 900 Firmware < 1.0.0.r11700 - XSS
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.
CVSS 5.4