Vulnerability Description
The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Inhandnetworks | Inrouter302 Firmware | < 3.5.56 |
| Inhandnetworks | Inrouter302 | - |
Related Weaknesses (CWE)
References
- https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdfVendor Advisory
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1523Third Party Advisory
- https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdfVendor Advisory
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1523Third Party Advisory
FAQ
What is CVE-2022-25932?
CVE-2022-25932 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalat...
How severe is CVE-2022-25932?
CVE-2022-25932 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-25932?
Check the references section above for vendor advisories and patch information. Affected products include: Inhandnetworks Inrouter302 Firmware, Inhandnetworks Inrouter302.