CVE-2023-22600

CRITICAL

InRouter 302 < 3.5.56 and InRouter 615 < 2.3.0.r5542 - Unauthenticated MQTT Topic Subscription

Title source: llm

Description

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. They allow unauthenticated devices to subscribe to MQTT topics on the same network as the device manager. An unauthorized user who knows of an existing topic name could send and receive messages to and from that topic. This includes the ability to send GET/SET configuration commands, reboot commands, and push firmware updates.

References (1)

Core 1

Core References

Third Party Advisory, US Government Resource government-resource

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03

Scores

CVSS v3 10.0

EPSS 0.0049

EPSS Percentile 38.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (2)

inhandnetworks/inrouter302_firmware < 3.5.56

inhandnetworks/inrouter615-s_firmware < 2.3.0.r5542

Published Jan 12, 2023

Tracked Since Feb 18, 2026