cvedb.io
CVE-2026-38714
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2026-06-18T17:16:30.107 · Last modified 2026-06-22T17:47:33.733

Summary

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python configuration function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Affected products

inhandnetworks — ir915l-fq39-s_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when inhandnetworks ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.