Inhandnetworks Ir302 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Inhandnetworks Ir302 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2026-38703 — CVSS 9.8 (critical): A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38702 — CVSS 9.8 (critical): A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38707 — CVSS 9.8 (critical): A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38704 — CVSS 9.8 (critical): A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2022-26518 — CVSS 8.8 (high): An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A…
CVE-2022-25995 — CVSS 8.8 (high): A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted…
CVE-2022-26075 — CVSS 8.8 (high): An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A…
CVE-2022-26085 — CVSS 8.8 (high): An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-26420 — CVSS 8.8 (high): An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A…
CVE-2022-26780 — CVSS 8.8 (high): Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302…
CVE-2022-26781 — CVSS 8.8 (high): Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302…
CVE-2022-26782 — CVSS 8.8 (high): Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302…
CVE-2022-27172 — CVSS 8.8 (high): A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A…
CVE-2022-28689 — CVSS 8.8 (high): A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted…
CVE-2022-30543 — CVSS 8.8 (high): A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted…
CVE-2022-26042 — CVSS 8.8 (high): An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-29888 — CVSS 8.1 (high): A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A…
CVE-2022-26007 — CVSS 7.2 (high): An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-26002 — CVSS 7.2 (high): A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-24910 — CVSS 6.7 (medium): A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-26023 — CVSS 6.5 (medium): A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted…
CVE-2022-26020 — CVSS 6.5 (medium): An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A…
CVE-2022-29481 — CVSS 6.5 (medium): A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted…
CVE-2022-26510 — CVSS 6.5 (medium): A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A…
CVE-2022-25172 — CVSS 6.1 (medium): An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The…