CVE-2026-38718
published 2026-06-18CVE-2026-38718: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the…
PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.33%
24.7th percentile
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| inhandnetworks | ir912l-fq58_firmware | < 1.0.0.r20044 | 1.0.0.r20044 |
| inhandnetworks | ir915l-fq39-s_firmware | < 1.0.0.r20044 | 1.0.0.r20044 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
InHand IR912/IR915 1.0.0.r20042 Device Registration buffer overflow (EUVD-2026-37921)
vuldb·2026-06-18
CVE-2026-38718 [CRITICAL] InHand IR912/IR915 1.0.0.r20042 Device Registration buffer overflow (EUVD-2026-37921)
A vulnerability classified as critical was found in InHand IR912 and IR915 1.0.0.r20042. This vulnerability affects unknown code of the component Device Registration Handler. Executing a manipulation can lead to buffer overflow.
This vulnerability is tracked as CVE-2026-38718. The attack can be launched remotely. No exploit exists.
GHSA
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function.
ghsa_unreviewed·2026-06-18
CVE-2026-38718 [HIGH] CWE-120 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function.
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-18
Published