CVE-2026-38707

9.8 CRITICAL

A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR...

Published: 2026-05-28 · Last updated: 2026-05-29

Severity and scoring

CVSS: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-77

Affected products

Vendor	Product
inhandnetworks	ir302_firmware, ir305_firmware, ir315_firmware

Description

A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-38707
[Vendor advisory]https://www.inhand.com/wp-content/uploads/InHand-PSA-2026-05_EN.pdf

Related CVEs

Same vendor

CVE-2026-38704 — A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118... (9.8 CRITICAL)
CVE-2026-38703 — A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118,... (9.8 CRITICAL)
CVE-2026-38702 — A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118,... (9.8 CRITICAL)

Same CWE

CVE-2026-46529 — Atril Document Viewer is the default document reader of the MATE desktop environment for Linux
CVE-2026-45558 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (9.9 CRITICAL)
CVE-2026-11572 — Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command Injection due to improper sanitisation ... (8.8 HIGH)
CVE-2026-11556 — A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9 (8.8 HIGH)
CVE-2026-11487 — A flaw has been found in Neovim up to 0.12.2 (5.3 MEDIUM)