Inhandnetworks Ir912L-Fq58 Firmware vulnerabilities
5 known vulnerabilities affecting inhandnetworks/ir912l-fq58_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-38714P2CRITICALCVSS 9.8fixed in 1.0.0.r200442026-06-18
CVE-2026-38714 [CRITICAL] CWE-77 CVE-2026-38714: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discov
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python configuration function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.
nvd
CVE-2026-38716P2CRITICALCVSS 9.8fixed in 1.0.0.r200442026-06-18
CVE-2026-38716 [CRITICAL] CWE-77 CVE-2026-38716: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discov
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python application export function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.
nvd
CVE-2026-38715P2CRITICALCVSS 9.8fixed in 1.0.0.r200442026-06-18
CVE-2026-38715 [CRITICAL] CWE-77 CVE-2026-38715: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discov
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the log viewing function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.
nvd
CVE-2026-38717P2CRITICALCVSS 9.8fixed in 1.0.0.r200442026-06-18
CVE-2026-38717 [CRITICAL] CWE-77 CVE-2026-38717: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discov
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the file upload function. The vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.
nvd
CVE-2026-38718P3HIGHCVSS 7.5fixed in 1.0.0.r200442026-06-18
CVE-2026-38718 [HIGH] CWE-120 CVE-2026-38718: InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discov
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device.
nvd