PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-38707 InHand Networks CVE debrief

A critical command injection vulnerability in the IPSec VPN feature of multiple InHand Networks industrial router firmware versions allows unauthenticated remote attackers to execute arbitrary commands with root privileges. The vulnerability affects IR302 (V3.5.108 and earlier), IR305, IR315, and IR615 (all V1.0.118 and earlier). The CVSS 3.1 score of 9.8 reflects a network attack vector, low complexity, no privileges required, and high impact across confidentiality, integrity, and availability. The weakness is categorized as CWE-77 (Command Injection). InHand Networks has published a security advisory addressing this vulnerability.

Vendor: InHand Networks
Product: IR302, IR305, IR315, IR615 industrial routers (IPSec VPN feature)
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-29
Advisory published: 2026-05-28
Advisory updated: 2026-05-29

Who should care

Organizations deploying InHand Networks IR302, IR305, IR315, or IR615 industrial routers for remote connectivity, SCADA/ICS network administrators, telecommunications infrastructure operators, and security teams responsible for edge device hardening in industrial IoT environments.

Technical summary

The vulnerability exists in the IPSec VPN configuration handling of InHand Networks industrial cellular routers. Insufficient input validation on IPSec-related parameters allows command injection, and the system executes the injected commands with root privileges. Attackers can leverage this to gain complete control over affected devices without authentication. The attack surface is network-accessible and requires no user interaction or prior privileges.

Defensive priority

critical

Recommended defensive actions

  • Apply firmware updates from InHand Networks as specified in vendor security advisory PSA-2026-05
  • Restrict network access to IPSec VPN management interfaces to trusted administrative hosts only
  • Monitor for unauthorized configuration changes or unexpected administrative sessions on affected router models
  • Review IPSec VPN configuration parameters for signs of tampering or injection attempts
  • Consider network segmentation to isolate industrial router management interfaces from untrusted networks
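
To prioritize the firmware update, the following added example (not from the vendor advisory or this debrief's source) sorts a device inventory against the affected version ceilings stated above. The `hostname,model,firmware` CSV layout, the `Vx.y.z` version format, the status names, and every value in the sample inventory are assumptions constructed for illustration.

```python
import re

# Highest affected firmware per model, as stated in this debrief.
AFFECTED_MAX = {
    "IR302": (3, 5, 108),
    "IR305": (1, 0, 118),
    "IR315": (1, 0, 118),
    "IR615": (1, 0, 118),
}
# Assumed version format: optional "V" prefix, then three numeric fields.
_VERSION_RE = re.compile(r"^[Vv]?(\d+)\.(\d+)\.(\d+)$")

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if not Vx.y.z."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def classify(model, firmware):
    """Classify one device against the affected range for its model."""
    ceiling = AFFECTED_MAX.get(model.strip().upper())
    if ceiling is None:
        return "not_listed"        # model is not named in this debrief
    version = parse_version(firmware)
    if version is None:
        return "unknown_version"   # cannot decide: needs manual review
    # Compare numerically: a string compare would rank "99" above "118".
    return "affected" if version <= ceiling else "above_affected_range"

def triage(inventory_csv):
    """Map hostname -> status for lines of 'hostname,model,firmware'."""
    result = {}
    for line in inventory_csv.strip().splitlines():
        host, model, firmware = (f.strip() for f in line.split(","))
        result[host] = classify(model, firmware)
    return result

# Constructed sample inventory; hostnames, versions and XR-100 are made up.
SAMPLE = """
pump-gw-01,IR302,V3.5.108
pump-gw-02,IR302,V3.5.110
rtu-edge-07,IR615,v1.0.99
rtu-edge-08,IR315,V1.0.119
lab-rtr-03,IR305,unknown
plant-rtr-09,XR-100,V2.0.1
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Devices reported as `unknown_version` should be handled as affected until their firmware is confirmed; `above_affected_range` only means the version is later than the ceiling quoted here, so confirm the fixed release against the vendor advisory.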

Evidence notes

Vulnerability confirmed through the official CVE record and NVD entry, with a vendor advisory reference. CPE data is not yet available in the source corpus. Vendor identification is based on a reference-domain candidate and carries a low-confidence flag for review.
