Talos Vulnerability Report

TALOS-2022-1523

InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability

October 27, 2022

CVE Number

CVE-2022-25932

SUMMARY

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability.

CONFIRMED VULNERABLE VERSIONS

The versions below were either tested or verified to be vulnerable by Talos or confirmed to be vulnerable by the vendor.

InHand Networks InRouter302 V3.5.45

PRODUCT URLS

InRouter302 - https://www.inhandnetworks.com/products/inrouter300.html

CVSSv3 SCORE

7.4 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE

CWE-284 - Improper Access Control

DETAILS

The InRouter302 is an industrial LTE router. It features remote management functionalities and several security protection mechanisms, such as: VPN technologies, firewall functionalities, authorization management and several other features.

The patches introduced for TALOS-2022-1472 and TALOS-2022-1474 were not effective.

TIMELINE

2022-06-07 - Vendor Disclosure
2022-10-25 - Vendor Patch Release
2022-10-27 - Public Release

Credit

Discovered by Francesco Benvenuto of Cisco Talos.

TALOS-2022-1544

TALOS-2022-1522

Intelligence Center

Vulnerability Research

Security Resources

Media

Company