EUVD-2026-9369

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

CVE-2026-28774 Authenticated OS Command Injection via Traceroute Utility leads to Root RCE

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

EUVD-2019-3032

Malware in sbrugna...

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

PT-2024-5338 · Adtran · Adtran 834-5

Name of the Vulnerable Software and Affected Versions: Adtran 834-5 versions 11.1.0.101-202106231430 SmartOS versions prior to 12.6.3.1 Description: The issue is related to the Ping and Traceroute utilities in the SmartOS operating system of AdTran SRG 834-5 Wi-Fi routers. It allows OS Command...

Arbitrary Code Execution

traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...

[SECURITY] Fedora 39 Update: traceroute-2.1.3-1.fc39

The traceroute utility displays the route used by IP packets on their way to a specified network or Internet host. Traceroute displays the IP number and host name if possible of the machines along the route taken by the packets. Traceroute is used as a network debugging tool. If you're having...

CVE-2022-29897

On various RAD-ISM-900-EN- devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware...

Input validation

On various RAD-ISM-900-EN- devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware...

CVE-2022-29897 Remote Code Execution in all versions of various RAD-ISM-900-EN-* devices by PHOENIX CONTACT

On various RAD-ISM-900-EN- devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware...

CVE-2022-29897

CVE-2022-29897 affects Phoenix Contact RAD-ISM-900-EN-* wireless Ethernet transceivers. An improper input validation flaw in the traceroute utility exposed via the WebUI allows an admin-user to execute arbitrary code with root privileges on the OS, across all firmware versions. The documents conf...