VYPR
Critical severity9.8NVD Advisory· Published Sep 4, 2017· Updated Jun 17, 2026

CVE-2017-14127

CVE-2017-14127

Description

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.