CVE-2026-38702 InHand Networks CVE debrief

Who should care

Organizations operating InHand Networks IR-series industrial routers in manufacturing, utilities, transportation, and critical infrastructure sectors. Security teams responsible for OT/ICS network security and industrial gateway management. Managed service providers supporting industrial IoT deployments using affected router models.

Technical summary

The vulnerability is classified as CWE-77 (Command Injection) affecting the Admin Access feature of InHand Networks industrial routers. Multiple firmware versions across four product lines are impacted: IR302 (V3.5.108 and earlier), IR305 (V1.0.118 and earlier), IR315 (V1.0.118 and earlier), and IR615 (V1.0.118 and earlier). The attack requires no authentication and can be executed remotely over the network with low complexity, resulting in complete compromise of the target device with root privileges. The vulnerability is currently undergoing analysis in the NVD.

Defensive priority

critical

Recommended defensive actions

• Apply firmware updates from InHand Networks when available per vendor security advisory
• Restrict network access to administrative interfaces on affected IR302, IR305, IR315, and IR615 routers
• Monitor for unauthorized access attempts to Admin Access features
• Review device logs for indicators of compromise if patching is delayed
• Consider network segmentation for industrial router deployments until patches are applied

Evidence notes

Vulnerability description sourced from NVD CVE record. Vendor attribution based on reference domain candidate 'Inhand' with low confidence; vendor name marked as 'Unknown Vendor' in source data with review flag set. Affected product versions and firmware details from CVE description. CVSS vector and weakness classification (CWE-77: Command Injection) from NVD metadata. Vendor advisory link present in references.

Official resources