CVE-2026-31196
published 2026-05-05CVE-2026-31196: OS command injection vulnerability in the traceroute diagnostic handler in /bin/httpd_clientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware…
PriorityP268high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.27%
66.3th percentile
OS command injection vulnerability in the traceroute diagnostic handler in /bin/httpd_clientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware 3GN8020801R13, 3GN8020802R0A, or 3GN8020803R0A inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-489r-v3h6-c72q: The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsaniti
ghsa_unreviewed·2026-05-05
CVE-2026-31196 [HIGH] CWE-78 GHSA-489r-v3h6-c72q: The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsaniti
The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
VulDB
ALTICE GR140DG/GR140IG /bin/httpd_clientside system destAddr os command injection
vuldb·2026-05-05
CVE-2026-31196 [CRITICAL] ALTICE GR140DG/GR140IG /bin/httpd_clientside system destAddr os command injection
A vulnerability, which was classified as critical, has been found in ALTICE GR140DG and GR140IG. Affected is the function system of the file /bin/httpd_clientside. Performing a manipulation of the argument destAddr results in os command injection.
This vulnerability was named CVE-2026-31196. The attack may be initiated remotely. There is no available exploit.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-05
Published