Description
A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.
Published: 2026-05-28
Score: 9.8 Critical
EPSS: 1.2% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks firmware for IR302, IR305, IR315, and IR615 devices. Attackers can exploit this vulnerability to obtain root privileges on remote target devices. This flaw directly compromises confidentiality, integrity, and availability by allowing an attacker to fully control the device.

Affected Systems

InHand Networks firmware versions V3.5.108 for IR302, V1.0.118 for IR305, IR315, and IR615, as well as any earlier build of these devices. Users operating these models should verify the firmware version in use and consider updating to a version that includes the fix.

Risk and Exploitability

The vulnerability allows remote command execution through the ZeroTier VPN interface, enabling an attacker to acquire root privileges on the device. The exact attack vector is likely a crafted VPN packet sent over the network, though the specific packet format is not disclosed. No EPSS score is available and the vulnerability is not listed in CISA KEV, but the CVSS score of 9.8 signals a severe risk. The ability to execute commands with root privileges could allow an attacker to fully compromise the device.

Generated by OpenCVE AI on May 28, 2026 at 19:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update all affected devices to the latest firmware release that contains the ZeroTier VPN patch.
  • If an update is not yet available, disable the ZeroTier VPN feature in device settings or block its traffic with firewall rules.
  • Monitor device logs for unexpected command execution patterns and restrict VPN access to trusted networks.

Generated by OpenCVE AI on May 28, 2026 at 19:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Inhandnetworks
Inhandnetworks ir302
Inhandnetworks ir302 Firmware
Inhandnetworks ir305
Inhandnetworks ir305 Firmware
Inhandnetworks ir315
Inhandnetworks ir315 Firmware
Inhandnetworks ir615
Inhandnetworks ir615 Firmware
CPEs cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*
cpe:2.3:h:inhandnetworks:ir305:-:*:*:*:*:*:*:*
cpe:2.3:h:inhandnetworks:ir315:-:*:*:*:*:*:*:*
cpe:2.3:h:inhandnetworks:ir615:-:*:*:*:*:*:*:*
cpe:2.3:o:inhandnetworks:ir302_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:inhandnetworks:ir305_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:inhandnetworks:ir315_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:inhandnetworks:ir615_firmware:*:*:*:*:*:*:*:*
Vendors & Products Inhandnetworks
Inhandnetworks ir302
Inhandnetworks ir302 Firmware
Inhandnetworks ir305
Inhandnetworks ir305 Firmware
Inhandnetworks ir315
Inhandnetworks ir315 Firmware
Inhandnetworks ir615
Inhandnetworks ir615 Firmware

Thu, 28 May 2026 19:45:00 +0000

Type Values Removed Values Added
Title Root Privilege Escalation via Command Injection in InHand ZeroTier VPN Firmware

Thu, 28 May 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-77
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 28 May 2026 17:00:00 +0000

Type Values Removed Values Added
Description A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.
References

Subscriptions

Inhandnetworks Ir302 Ir302 Firmware Ir305 Ir305 Firmware Ir315 Ir315 Firmware Ir615 Ir615 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-28T17:38:09.540Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-38703

cve-icon Vulnrichment

Updated: 2026-05-28T17:38:02.525Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T17:16:21.293

Modified: 2026-05-29T14:09:03.913

Link: CVE-2026-38703

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-30T21:19:35Z

Weaknesses
  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')