← Volver a CVEs
CVE-2021-38464
MEDIUM6.4
Descripcion
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session.
Detalles CVE
Puntuacion CVSS v3.16.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Vector de ataqueADJACENT_NETWORK
ComplejidadHIGH
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado10/19/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
inhandnetworks:ir615inhandnetworks:ir615_firmware
Debilidades (CWE)
CWE-326CWE-326
Referencias
https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05(ics-cert@hq.dhs.gov)
https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.