CVE-2026-38704

InHand Networks · IR302, IR305, IR315, and IR615

A command injection vulnerability in the WireGuard VPN feature of various InHand Networks devices allows remote unauthenticated attackers to execute arbitrary commands with root privileges.

Executive summary

A critical command injection vulnerability in the WireGuard VPN implementation of several InHand Networks industrial gateways presents a severe risk of total system compromise.

Vulnerability

This is a command injection vulnerability residing in the VPN configuration interface. The system fails to perform sufficient input validation on user-supplied data, allowing an unauthenticated attacker to inject and execute arbitrary system commands with root-level privileges.
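As an added, defender-side illustration of the input-validation failure described above (this is not InHand Networks' code and not the affected code path, which the advisory does not disclose), the following Python validates the WireGuard peer fields a VPN configuration interface typically accepts and builds a shell-free argv, so an untrusted value can never reach a command interpreter; the field set, the `wgN` interface naming and the `wg set` invocation are assumptions.

```python
"""Strict validation of WireGuard peer fields before any system command is built.
Added illustration: not InHand Networks' code; the advisory does not disclose the real code path."""
import base64
import ipaddress
import re

_HOST_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")

def valid_wg_key(key: str) -> bool:
    """A WireGuard key is 32 bytes base64-encoded: 43 chars plus '='."""
    if not re.fullmatch(r"[A-Za-z0-9+/]{43}=", key):
        return False
    return len(base64.b64decode(key, validate=True)) == 32

def valid_endpoint(endpoint: str) -> bool:
    """Accept host:port or [IPv6]:port with a port in 1..65535."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit() or not 1 <= int(port) <= 65535:
        return False
    if host.startswith("[") and host.endswith("]"):
        try:
            ipaddress.IPv6Address(host[1:-1])
            return True
        except ValueError:
            return False
    return bool(_HOST_RE.match(host))

def valid_allowed_ips(allowed: str) -> bool:
    """Every comma-separated entry must parse as an IPv4/IPv6 network."""
    try:
        for cidr in allowed.split(","):
            ipaddress.ip_network(cidr.strip(), strict=False)
        return True
    except ValueError:
        return False

def build_wg_set_argv(iface, pubkey, endpoint, allowed_ips):
    """Return an argv list for `wg set`, or None if any field is rejected.
    Passing a list to subprocess.run (no shell=True) hands nothing to /bin/sh,
    so metacharacters in a field can never alter the command that runs."""
    if not re.fullmatch(r"wg[0-9]{1,2}", iface):
        return None
    if not (valid_wg_key(pubkey) and valid_endpoint(endpoint)
            and valid_allowed_ips(allowed_ips)):
        return None
    cidrs = ",".join(c.strip() for c in allowed_ips.split(","))
    return ["wg", "set", iface, "peer", pubkey,
            "endpoint", endpoint, "allowed-ips", cidrs]
```

Allow-listing each field against its expected grammar and never concatenating user input into a shell string is the combination that closes this class of flaw; rejecting a few metacharacters alone is not sufficient.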

Business impact

With a CVSS score of 9.8, this vulnerability represents a critical risk. Successful exploitation grants an attacker full control over the affected industrial gateway. This could lead to unauthorized access to internal network segments, data exfiltration, or the disruption of critical operational technology (OT) processes, resulting in significant reputational and operational damage.

Remediation

Immediate Action: Identify all deployed IR302, IR305, IR315, and IR615 units and verify their firmware versions; update to the latest manufacturer-provided firmware immediately to patch the injection flaw.

Proactive Monitoring: Monitor device access logs for unusual command execution patterns and review network traffic logs for unexpected connections originating from the VPN interface.

Compensating Controls: If patching is delayed, restrict access to the device management interfaces and VPN configuration portals to trusted IP addresses only using firewall rules.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the severity of the vulnerability and the potential for complete device takeover, immediate patching is mandatory. Organizations should prioritize firmware updates for all internet-facing InHand Networks gateways to mitigate the risk of unauthorized remote command execution.