CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

CVE-2025-67447

The CVE concerns the ping module in Neterbit NW-431F Router (versions up to 20241014-IR03) with OS command injection via unsanitized IP address input fed to the system ping. The input validation flaw allows an attacker to inject arbitrary commands, which would run with the web server’s privileges...

CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

VulnCheck KEV: CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This...

CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This ma...

CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This ma...

Command injection

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This ma...

CVE-2019-18396

CVE-2019-18396 affects Technicolor TD5130v2 devices running OI_Fw_V20. A command injection exists in the Ping module of the Web Interface via the pingAddr parameter to mnt_ping.cgi, enabling remote attackers to execute arbitrary OS commands. Public details show an example payload in POST /mnt_pin...

CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This ma...

Technicolor TD5336 OI_Fw_v7 Command Injection Vulnerability

Technicolor TD5336 OIFwv7 devices is a modem from Technicolor France. A command injection vulnerability exists in the Ping Module of the Web Interface on Technicolor TD5336 OIFwv7 devices. A remote attacker can exploit this vulnerability by sending the 'pingAddr' parameter with metacharacters to...

CVE-2017-14127

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...

Command injection

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...

CVE-2017-14127

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...

CVE-2017-14127

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...

CVE-2017-14127

CVE-2017-14127 is a command-injection vulnerability in the Ping Module of the Technicolor TD5336 TD5336 OI_Fw_v7 device web interface. The issue allows remote attackers to execute arbitrary OS commands as root by injecting shell metacharacters into the pingAddr parameter sent to mnt_ping.cgi. Pub...