Inhandnetworks Ir615 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Inhandnetworks Ir615 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2021-38462 — CVSS 9.8 (critical): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an…
CVE-2026-38702 — CVSS 9.8 (critical): A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38703 — CVSS 9.8 (critical): A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38704 — CVSS 9.8 (critical): A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2026-38707 — CVSS 9.8 (critical): A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118…
CVE-2021-38480 — CVSS 9.6 (critical): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands…
CVE-2021-38470 — CVSS 9.1 (critical): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into…
CVE-2021-38478 — CVSS 9.1 (critical): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject…
CVE-2021-38484 — CVSS 9.1 (critical): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload…
CVE-2021-38466 — CVSS 8.8 (high): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the…
CVE-2021-38482 — CVSS 8.7 (high): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 website used to control the router is vulnerable to stored cross-site…
CVE-2021-38468 — CVSS 8.7 (high): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker…
CVE-2021-38486 — CVSS 8.0 (high): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product…
CVE-2021-38476 — CVSS 6.5 (medium): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence…
CVE-2021-38464 — CVSS 6.4 (medium): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to…
CVE-2021-38474 — CVSS 6.3 (medium): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the…
CVE-2021-38472 — CVSS 4.7 (medium): InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an…