CVE-2022-26085 – An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHa …

Vuln ID: CVE-2022-26085

Published:  2022-05-12  17:15:10Z

Description: An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Source: NVD.NIST.GOV