CVE-2014-9144
published 2014-12-05CVE-2014-9144: Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field…
PriorityP262high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.56%
94.4th percentile
Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter).
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| technicolor | td5130_router_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
commandsetobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE↗
- →Detect command injection attempts in the setobject_ip POST parameter; look for shell metacharacters such as pipe (|) and backtick (`) sequences in the value. ↗
- →Monitor HTTP requests containing the parameter 'setobject_ip' combined with 'setobject_ping' and 'setobject_token', which are characteristic of the vulnerable ping diagnostic endpoint on Technicolor TD5130/DT5130 devices. ↗
- →Flag unauthenticated requests to the ping field endpoint containing URL-encoded shell operators (%7C for pipe, backtick-encoded commands) in the setobject_ip parameter. ↗
- ·The vulnerability is specific to Technicolor TD5130/DT5130 devices running firmware version V2.05.C29GV; detections should be scoped to this firmware version. ↗
- ·The SESSION_CONTRACT_TOKEN_TAG value (0123456789012345) shown in the PoC payload is a placeholder/example token; real exploitation may use a valid session token obtained from the device. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.htmlhttp://www.exploit-db.com/exploits/35462http://www.securityfocus.com/archive/1/534143/100/0/threadedhttp://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.htmlhttp://www.exploit-db.com/exploits/35462http://www.securityfocus.com/archive/1/534143/100/0/threaded
2014-12-05
Published