Saturday, July 20, 2024
HomeCyber CrimeCritical Vulnerabilities Provide Root Access to InHand Industrial Routers

Critical Vulnerabilities Provide Root Access to InHand Industrial Routers

InHand Networks’ wireless industrial router contains 17 vulnerabilities, including holes that may be chained to get root access by convincing a user to click on a malicious link.

The problems impact the InRouter 302 small industrial LTE router, which is intended for use in commercial and industrial settings, including hospitality, finance, automotive, utilities, retail, public safety, and energy. InHand products are used by some of the world’s leading corporations.

Researchers at Cisco’s Talos threat intelligence and research team uncovered the security flaws, the great majority of which have been rated “critical” or “high severity.” They can result in arbitrary file uploads, code execution, privilege escalation, OS command injection, and illegal firmware changes, among other things.

The flaws were discovered in IR302 versions 3.5.37 and earlier, and they were fixed with the release of version 3.5.45.

Talos researchers uncovered 17 vulnerabilities in the InRouter 302 product that may be chained to acquire root access to the device. Users should not have access to the underlying Linux system, which may be administered using a web interface or a console accessible through telnet or SSH.

Talos describes a hypothetical attack scenario that begins with the exploitation of a cross-site scripting (XSS) vulnerability, which allows an attacker to run arbitrary JavaScript code and steal a user’s session cookie if the user clicks on a specially crafted link that triggers the exploit.

 

Regardless of whether the stolen cookie grants privileged or non-privileged access, the attacker can get root access by exploiting one of three vulnerabilities. This involves exploiting a secret command to launch a root shell and uploading a specially designed file to get remote code execution.

If the attacker has non-privileged access as a result of the XSS vulnerability, they can leverage one of two flaws that allow a user with lower rights to escalate permissions, such as altering or gaining a privileged user’s password, according to Talos’ attack scenario.

If the XSS attack allows the attacker to get privileged access, they have at least two vulnerabilities to exploit in order to gain root access to the router’s Linux operating system.

 

“Any number of impacts may be performed after root access to the router is acquired, including, but not limited to, injecting, discarding, or examining packets, DNS poisoning, or further pivoting into the network,” Talos warned.

 

On Thursday, Talos issued a blog post and warnings outlining its results, and InHand followed suit on May 10.

InHand’s vulnerability handling appears to be improving. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert in October 2021 to notify enterprises about 13 vulnerabilities detected in InHand’s IR615 router over a year before.

 

The issues exposed several firms to remote attacks, but they looked to be unpatched at the time of discovery, with the vendor only disclosing remedies and issuing its own advice a few weeks later.

IEMA IEMLabs
IEMA IEMLabshttps://iemlabs.com
IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us