InHand Router Flaws: Command Injection Patches Released
ID: c36ecea8-4bee-5b1c-aec5-4e84f5940e59
STIX ID: report--c36ecea8-4bee-5b1c-aec5-4e84f5940e59
Feed Name: securityonline.info
Threat Score
### Executive Summary The vendor disclosed five critical command-injection vulnerabilities in InHand industrial routers (CVE-2026-38702 through CVE-2026-38707) with maximum CVSS scores up to 9.8 that could enable remote attackers to obtain root access or cause DoS; affected models include IR302, IR305, IR315, and IR615, and vendor firmware updates (InRouter3XX-V3.5.112 and V1.0.121) are available and should be applied immediately.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.