Unrated severityNVD Advisory· Published Jun 18, 2026· Updated Jun 18, 2026

CVE-2026-38717

Description

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the file upload function. The vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Affected products

InHand Networks/IR912llm-create
Range: <= V1.0.0.r20042
InHand Networks/IR915llm-create
Range: <= V1.0.0.r20042

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.inhand.com/wp-content/uploads/2026/06/InHand-PSA-2026-06_EN.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000