CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27280

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/wu610777031/IoT_Hunter/blob/main/Inhand%20InRouter%20900%20Industrial%204G%20Router%20%20Vulnerabilities%28XSS%29.pdf
https://github.com/wu610777031/IoT_Hunter/blob/main/Inhand%20InRouter%20900%20Industrial%204G%20Router%20%20Vulnerabilities%28XSS%29.pdf

Products affected by CVE-2022-27280

Inhandnetworks » Inrouter 900 » Version: N/A

cpe:2.3:h:inhandnetworks:inrouter_900:-
Inhandnetworks » Inrouter 900 Firmware » Version: N/A

cpe:2.3:o:inhandnetworks:inrouter_900_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27280

Products

Pricing

Contact Us