An issue exists in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote malicious users to execute arbitrary OS commands in the pingAddr parameter to mnt_ping.cgi. NOTE: This may overlap CVE-2017–14127.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
technicolor td5130v2_firmware oi_fw_v20 |