Command Injection Vulnerability in Technicolor Router TD5130
CVE-2014-9144

Currently unrated

Key Information:

Vendor: Technicolor
Status: Td5130 Router Firmware
Vendor: CVE Published:; 5 December 2014

🔔 Create Technicolor Vulnerability Alert

What is CVE-2014-9144?

The Technicolor Router TD5130 with firmware version 2.05.C29GV is susceptible to remote command injection vulnerabilities. Attackers can exploit these flaws by inserting shell metacharacters into the ping field, specifically targeting the setobject_ip parameter. This could potentially allow unauthorized execution of arbitrary commands, compromising the integrity and security of the device and the network it operates on. It's crucial for users to implement security best practices and promptly update their firmware to mitigate these risks.

References

http://www.securityfocus.com/archive/1/534143/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://packetstormsecurity.com/files/129374/ADSL2-2.05.C2...

x_refsource_MISC

http://www.exploit-db.com/exploits/35462

exploitx_refsource_EXPLOIT-DB

EPSS Score

8% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 5, 2014
Vulnerability Reserved
Nov 29, 2014