{"vulnerability": "cve-2026-3870", "sightings": [{"uuid": "06028154-4b23-424c-bef9-11ecc1c88836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38704", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116653667300152603", "content": "Anyone know anything about these router vulns? I'm especially interested in CVE-2026-38704, a command injection in the Wireguard function, and CVE-2026-38707, a command injection in the IPSEC function.\nhttps://www.inhand.com/wp-content/uploads/InHand-PSA-2026-05_EN.pdf", "creation_timestamp": "2026-05-28T18:41:46.016500Z"}, {"uuid": "eec27f9a-e96d-411d-9745-b11d4cb5f7fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38707", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116653667300152603", "content": "Anyone know anything about these router vulns? I'm especially interested in CVE-2026-38704, a command injection in the Wireguard function, and CVE-2026-38707, a command injection in the IPSEC function.\nhttps://www.inhand.com/wp-content/uploads/InHand-PSA-2026-05_EN.pdf", "creation_timestamp": "2026-05-28T18:41:46.192893Z"}, {"uuid": "5b0fbfb6-0926-47c6-8a87-ed47469b1b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38703", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwrbkouza2p", "content": "CVE-2026-38703 - \"InHand Networks ZeroTier VPN Command Injection\"\nCVE ID : CVE-2026-38703\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3....", "creation_timestamp": "2026-05-28T19:33:55.602545Z"}, {"uuid": "e9457899-836b-4503-9278-2594e1007feb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38707", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwrh3q2u72e", "content": "CVE-2026-38707 - InHand Networks IPSec VPN Command Injection Vulnerability\nCVE ID : CVE-2026-38707\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmwa...", "creation_timestamp": "2026-05-28T19:37:01.020995Z"}, {"uuid": "f79f3045-cb1b-44cc-803f-c5c55f3bcd8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38704", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwru7pojs2i", "content": "CVE-2026-38704 - InHand Networks WireGuard Command Injection Vulnerability\nCVE ID : CVE-2026-38704\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 fi...", "creation_timestamp": "2026-05-28T19:44:21.786684Z"}]}