High severity8.8NVD Advisory· Published May 5, 2026· Updated Jun 15, 2026
CVE-2026-31195
CVE-2026-31195
Description
OS command injection vulnerability in the ping diagnostic handler in /bin/httpd_clientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware 3GN8020801R13, 3GN8020802R0A, or 3GN8020803R0A inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 3GN8020801R13, 3GN8020802R0A, 3GN8020803R0A
- Range: = 3GN8020801R13, 3GN8020802R0A, 3GN8020803R0A
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.