Connect with us

Hi, what are you looking for?



InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.

A series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet.

The US Cybersecurity and Infrastructure Security Agency (CISA) last week published an advisory to inform organizations about five vulnerabilities identified by a researcher at industrial cybersecurity firm Otorio in InHand’s InRouter302 and InRouter615 cellular routers.

The vendor has released firmware updates that should patch these vulnerabilities.InHand router vulnerabilities

According to CISA, most of the vulnerabilities are related to message queuing telemetry transport (MQTT) and their exploitation could lead to command/code execution and information disclosure.

One of the security holes has been assigned a ‘critical’ severity rating, two have been rated ‘high severity’ and two are medium-severity issues.

Matan Dobrushin, VP of research at Otorio, told SecurityWeek that the vulnerabilities impact both the cloud management platform and the device’s firmware.

“Chaining these vulnerabilities together can allow an attacker to remotely execute code as root on all connected InRouter302 and InRouter615 devices directly from the internet,” Dobrushin explained.

The affected devices are used for industrial robots, oil wells, elevators, medical equipment, electric car charging stations, and smart meters.

“We are certain that there are tens of thousands of devices that are impacted by these vulnerabilities, affecting thousands of critical sites around the globe,” Dobrushin warned.

Advertisement. Scroll to continue reading.

Roni Gavrilov, the Otorio researcher credited for finding these flaws, provided additional information on impact in a LinkedIn post.

“Successful exploitation of industrial wireless IoT may allow an attacker to bypass all of the security layers protecting the internal OT network at once, enabling access directly to connected PLCs, HMIs and field devices on the attacked site, easily impacting the process and potentially propagating the attack to the control center,” the researcher said.

This is not the first time Otorio has found vulnerabilities in InHand routers. In 2021, the company reported finding more than a dozen security flaws in one of the vendor’s cellular routers.

In addition, in 2022, Cisco’s Talos threat intelligence and research unit reported finding 17 vulnerabilities in the InRouter302 product.

Related: 10 Vulnerabilities Found in Widely Used Robustel Industrial Routers

Related: Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights