+ Product
+ Solution
Pricing
+ Knowledge
+ Company
Contact
Login
Start Free Trial
Research Center
IR615 Firmware Research Center
topia vulnerability management banner 11.png
IR

IR615 Firmware

By Inhandnetworks

Analyzed by TOPIA

Versions 2

CVE 13

🔥 CVE-2021-38474

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the product. T...

9.8
CVSS
7 months ago
Act Now

🔥 CVE-2021-38462

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obt...

9.8
CVSS
7 months ago
Act Now

🔥 CVE-2021-38478

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the...

9.1
CVSS
7 months ago
Act Now

🔥 CVE-2021-38470

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device...

9.1
CVSS
7 months ago
Act Now

🔥 CVE-2021-38480

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submit...

8.8
CVSS
7 months ago
Act Now

🔥 CVE-2021-38486

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requ...

8.5
CVSS
7 months ago
Act Now

CVE-2021-38464

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the...

7.4
CVSS
7 months ago

CVE-2021-38484

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of maliciou...

7.2
CVSS
7 months ago

CVE-2021-38466

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the help page....

6.1
CVSS
7 months ago

CVE-2021-38476

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a usernam...

5.3
CVSS
7 months ago

CVE-2021-38482

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 website used to control the router is vulnerable to stored cross-site scripting, w...

4.8
CVSS
7 months ago

CVE-2021-38468

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack se...

4.8
CVSS
7 months ago
horizontal_big.png
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.

Security Research Topics

By Kent Weigle
Apr 12, 2021

February Trending CVEs: CVE-2021-3156

As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month (who's excited for winter to be over?! 😁☀️🌷). Brace yourself! Ok, here we go.

By Kent Weigle
Apr 12, 2021

February Trending CVEs: CVE-2020-1472

As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month (who's excited for winter to be over?! 😁☀️🌷). Brace yourself! Ok, here we go.

By Kent Weigle
Apr 12, 2021

February Trending CVEs: CVE-2021-24078

As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month (who's excited for winter to be over?! 😁☀️🌷). Brace yourself! Ok, here we go.

By Kent Weigle
Apr 12, 2021

Top Trending CVEs of January 2021

Well, we made it through the first month of 2021! (Hopefully without any scratches or bruises 😅). As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month. So, without further ado, The Top Trending CVEs of January 2021:

By Kent Weigle
Dec 22, 2020

Security Vulnerability Examples

As the threat landscape changes, the ability to address the most common types of security vulnerabilities is vital for robust protection. As information becomes the most essential asset for an organization, cybersecurity gains much more importance. To successfully conduct your business and preserve the hard-earned reputation of your company, you need to protect your data from malicious attacks, data breaches and hackers. 

By Kent Weigle
Dec 22, 2020

Zoom Security Vulnerabilities

As if times haven’t been hard enough, businesses are dealing with new security threats while employees work from home and some have major issues with one of the most popular video conferencing platforms, Zoom.

By Kent Weigle
Dec 22, 2020

What is a Vulnerability?

This article will offer a quick guide to vulnerabilities – what they are, how they can be exploited and the consequences of exploitation. A vulnerability is a weakness in an asset that can be exploited by cyber attackers. It’s a known issue that allows an attack to succeed. 

By Kent Weigle
Dec 21, 2020

Top 10 Software Vulnerabilities

Security testing is an assessment of the sensitivity of a software vulnerability to various attacks. What type of attacks? Mainly unauthorized breaches into the system with the aim of extracting data about users or getting confidential information. With the help of vulnerabilities present in the software code, attackers can achieve their objectives.  

By Kent Weigle
Dec 23, 2020

Zero-Day Vulnerability: Defense Strategies

A zero-day is a weakness in hardware, software or firmware that is not known to the parties responsible for patching or fixing the flaw. The term zero refers to an attack that has zero days between the time the vulnerability is discovered and the first attack. Once a zero-day vulnerability is known to the public, it’s known as a one-day or n-day vulnerability.

last_chanse_02.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
Get a Demo
Start Free Trial!

Have questions?

By submitting this form, you agree to be contacted about TOPIA and other Vicarius products.

Vicarius develops an autonomous vulnerability remediation platform to help security teams protect their assets against software exploitation. Consolidating vulnerability assessment, prioritization, and remediation, Vicarius strengthens cyber hygiene and proactively reduces risk.
We're hiring!

Support

support@vicarius.io

Sales

sales@vicarius.io

Marketing

info@vicarius.io
Product
Product Overview
Patch Management
Patchless Protection
Auto Actions
Network Scanner
xTags
0-Day Detection
Solution
Solution Overview
Case Studies
Knowledge
Research Center
Apps & OS Patch Catalog
Videos
Articles
Docs
Company
About
Investors
Partners
Trust
Careers
Pricing
Pricing

Copyright © Vicarius. All rights reserved 2021. Privacy Policy and Terms of Use