Critical severity9.8NVD Advisory· Published Sep 4, 2017· Updated Jun 17, 2026
CVE-2017-14127
CVE-2017-14127
Description
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi.
Affected products
2- cpe:2.3:o:technicolor:td5336_firmware:7.0:*:*:*:*:*:*:*
- Range: OI_Fw_v7
Patches
Vulnerability mechanics
References
1- jordyf.me/2017/09/02/technicolor-pwn.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.