VYPR
Critical severity9.8NVD Advisory· Published May 28, 2026· Updated May 29, 2026

CVE-2026-38707

CVE-2026-38707

Description

A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

Affected products

8

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.