A critical command injection vulnerability in InHand Networks industrial routers allows remote attackers to obtain root privileges on target devices.

The vulnerability exists in the Admin Access feature of the device firmware. An attacker can exploit this flaw to perform command injection, ultimately gaining root-level control over the affected industrial routers.

The CVSS score of 9.8 reflects the high risk to critical infrastructure. Root access allows an attacker to control the router, intercept network traffic, modify configurations, or use the device as a pivot point for further attacks on the internal network.

Immediate Action: Update the firmware for affected InHand Networks routers to versions later than V3.5.108 (for IR302) or V1.0.118 (for IR305/IR315/IR615).

Proactive Monitoring: Monitor for anomalous outbound traffic from these routers and audit logs for unauthorized configuration changes.

Compensating Controls: Isolate industrial routers from the public internet using VPNs and restrict administrative access to a hardened management network.

Public Exploit Available: False

Operators of industrial control systems should identify and update all vulnerable InHand Networks firmware immediately. Securing these devices is essential to preventing unauthorized access to industrial network environments.