CVE-2026-38718
Analyzed
Analyzed - Analysis Complete
Buffer Overflow in InHand Networks IR912 and IR915 Devices
Vulnerability report for CVE-2026-38718, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-18
Last updated on: 2026-06-22
Assigner: MITRE
Description
Description
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| inhandnetworks | ir915l-fq39-s_firmware | to 1.0.0.r20044 (exc) |
| inhandnetworks | ir912l-fq58_firmware | to 1.0.0.r20044 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |