CVE-2014-9144
published 2014-12-05

CVE-2014-9144: Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field…

Priority: P2 (62) · Severity: high · CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P (network-reachable, low complexity, no authentication required; partial confidentiality, integrity and availability impact)
Exploit: public PoC available (see Detection & IOCs below)
EPSS: 8.56% (94.4th percentile)
Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter).

Affected (1 range)

Vendor        Product                   Version range   Fixed in
technicolor   td5130_router_firmware    not listed      not listed

Detection & IOCs (extracted from sources)

URL:                 /basicauth.cgi?index.html?failrefer=alert('TESTE')"%0A
Command (POST body): setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE
  • Detect command-injection attempts in the setobject_ip POST parameter: after URL-decoding the value, look for shell metacharacters such as pipe (|), backtick (`), semicolon (;) and $( ) sequences where only a hostname or IP address is expected.
  • Monitor HTTP requests that carry the parameter 'setobject_ip' together with 'setobject_ping' and 'setobject_token'; this parameter trio is characteristic of the vulnerable ping diagnostic endpoint on Technicolor TD5130/DT5130 devices.
  • Flag unauthenticated requests to the ping field endpoint whose setobject_ip parameter contains URL-encoded shell operators (%7C for pipe, %60 for backtick, %3B for semicolon) in addition to the raw characters.
  • The vulnerability is specific to Technicolor TD5130/DT5130 devices running firmware version V2.05.C29GV; scope detections to these devices and that firmware version to limit false positives.
  • The SESSION_CONTRACT_TOKEN_TAG value (0123456789012345) shown in the PoC payload is a placeholder/example token; real exploitation may use a valid session token obtained from the device, so do not key a detection on that literal value.
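The detection logic described in the bullets above, as an added worked example that is not part of the cvebase page or any Technicolor code: it URL-decodes the POST body the way the CGI handler would, checks for the three-parameter ping form, and flags any setobject_ip value that contains shell metacharacters or does not look like a plain host/IP. The sample requests, source addresses and the "/basicauth.cgi" path used for the sample traffic are constructed for illustration; only the PoC body itself comes from the page.

```python
"""Detect CVE-2014-9144-style command injection in TD5130 ping requests.

Added example (not from the cvebase page or Technicolor). The PoC body is
the one quoted on the page; all other request data below is constructed.
"""
import re
from urllib.parse import parse_qs

# The parameter trio that identifies the ping diagnostic form (from the IOCs).
PING_FORM_PARAMS = {"setobject_token", "setobject_ip", "setobject_ping"}

# Shell metacharacters that have no business in a ping target.
SHELL_META = re.compile(r"[|;&`$(){}<>\n\r]")

# Shape of a legitimate value: optional SNMP-style "s<OID>=" prefix, as in the
# PoC, followed by a bare hostname or IPv4 address. Anything else is suspicious.
BENIGN_VALUE = re.compile(r"^(?:s[\d.]+=)?[A-Za-z0-9.\-]+$")

# PoC body quoted on the page (token is the placeholder the page describes).
POC_BODY = (
    "setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345"
    "&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`"
    "&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1"
    "&getobject_result=IGNORE"
)

# Constructed benign request: same form, plain hostname as ping target.
BENIGN_BODY = (
    "setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345"
    "&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.example.com"
    "&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1"
    "&getobject_result=IGNORE"
)


def analyze_body(body: str) -> dict:
    """Return a verdict for one URL-encoded POST body.

    parse_qs splits on '&' and '=' first and then percent-decodes each value,
    so %3D inside a value survives as '=' and %7C / %60 become '|' / '`'.
    """
    params = parse_qs(body, keep_blank_values=True)
    verdict = {
        "ping_form": PING_FORM_PARAMS.issubset(params),
        "target": None,
        "metachars": [],
        "suspicious": False,
    }
    values = params.get("setobject_ip")
    if not values:
        return verdict
    target = values[0]
    verdict["target"] = target
    verdict["metachars"] = sorted(set(SHELL_META.findall(target)))
    # Either explicit metacharacters or a value that is not host-shaped.
    verdict["suspicious"] = bool(verdict["metachars"]) or not BENIGN_VALUE.match(target)
    return verdict


def scan_requests(requests):
    """requests: iterable of (src_ip, path, body). Returns a list of alerts."""
    alerts = []
    for src_ip, path, body in requests:
        v = analyze_body(body)
        if v["suspicious"]:
            alerts.append({
                "src": src_ip,
                "path": path,
                "target": v["target"],
                "metachars": v["metachars"],
                "ping_form": v["ping_form"],
            })
    return alerts


# Constructed sample traffic; path and addresses are assumptions for the demo.
SAMPLE_REQUESTS = [
    ("203.0.113.5", "/basicauth.cgi", POC_BODY),
    ("198.51.100.7", "/basicauth.cgi", BENIGN_BODY),
    # Partial form (no token/ping params) with a URL-encoded ';' injection.
    ("203.0.113.9", "/basicauth.cgi", "setobject_ip=8.8.8.8%3Bcat%20/etc/passwd"),
]

if __name__ == "__main__":
    for alert in scan_requests(SAMPLE_REQUESTS):
        print(alert)
```

The third sample shows why the rule should not require all three parameters before alerting: an attacker can drop the token and ping fields and still send the injected value, so the parameter trio is best used to raise confidence, not as a precondition. Decode exactly once, as the device does; double-encoded payloads (%257C) would reach the shell as literal text and are not the same attack.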