CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-38714

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python configuration function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Exploit prediction scoring system (EPSS) score

CVSS Severity

CVSS v3 Score 9.8

References

https://www.inhand.com/wp-content/uploads/2026/06/InHand-PSA-2026-06_EN.pdf

Products affected by CVE-2026-38714

Inhandnetworks » Ir912l-Fq58 » Version: N/A

cpe:2.3:h:inhandnetworks:ir912l-fq58:-
Inhandnetworks » Ir915l-Fq39-S » Version: N/A

cpe:2.3:h:inhandnetworks:ir915l-fq39-s:-
Inhandnetworks » Ir912l-Fq58 Firmware » Version: Any

cpe:2.3:o:inhandnetworks:ir912l-fq58_firmware:*
Inhandnetworks » Ir915l-Fq39-S Firmware » Version: Any

cpe:2.3:o:inhandnetworks:ir915l-fq39-s_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-38714

Products

Pricing

Contact Us