Vulnerability Description
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.
CVSS Score
9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Inhandnetworks | Inrouter 900 Firmware | < 1.0.0.r11700 |
| Inhandnetworks | Inrouter 900 | - |
Related Weaknesses (CWE)
References
- https://drive.google.com/drive/folders/1MPtl6pGa7GMIT1-jg69YUGSQdVTfbnay?usp=shaExploitThird Party Advisory
- https://github.com/wu610777031/IoT_Hunter/blob/main/Inhand%20InRouter%20900%20In
- https://drive.google.com/drive/folders/1MPtl6pGa7GMIT1-jg69YUGSQdVTfbnay?usp=shaExploitThird Party Advisory
- https://github.com/wu610777031/IoT_Hunter/blob/main/Inhand%20InRouter%20900%20In
FAQ
What is CVE-2022-27277?
CVE-2022-27277 is a vulnerability with a CVSS score of 9.1 (CRITICAL). InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.
How severe is CVE-2022-27277?
CVE-2022-27277 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-27277?
Check the references section above for vendor advisories and patch information. Affected products include: Inhandnetworks Inrouter 900 Firmware, Inhandnetworks Inrouter 900.