What is CVE-2019-18396?

CVE-2019-18396 is a vulnerability in N/a. Published 2019-10-31.

Is CVE-2019-18396 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS comm…

EPSS: 0.568 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

www.twitter.com/c4pt41nnn (x_refsource_MISC)
medium.com/@c4pt41nnn/cve-2019-18396-command-injection-in-technicolor-router-da… (x_refsource_MISC)
packetstormsecurity.com/files/155296/Technicolor-TD5130.2-Remote-Command-Execut… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-18396?: CVE-2019-18396 is a vulnerability in N/a. Published 2019-10-31.
Is CVE-2019-18396 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.