CVE-2026-3101
Remote OS Command Injection in Intelbras TIP 635G Ping Handler
Publication date: 2026-02-24
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intelbras | tip_635g_firmware | 1.12.3.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3101 is an OS command injection vulnerability found in the Intelbras TIP 635G version 1.12.3.5, specifically in the Ping Handler component of its web management interface.
The vulnerability occurs because the diagnostic ping feature does not properly sanitize user input and directly incorporates it into system shell commands. This allows an attacker to inject arbitrary OS commands using shell command substitution syntax.
Exploitation can be done remotely and, depending on the source, may or may not require authentication. Successful exploitation leads to remote code execution with root-level privileges, enabling complete device compromise.
How can this vulnerability impact me?
This vulnerability can have severe impacts including complete compromise of the affected device.
- Remote attackers can execute arbitrary OS commands with root privileges.
- Attackers can gain full control over the device, potentially allowing lateral movement within the network.
- Confidentiality, integrity, and availability of the system can be compromised.
- Since the exploit is publicly available and no vendor mitigation exists, the risk of exploitation is high.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be detected by testing the diagnostic "ping" feature of the Intelbras TIP 635G version 1.12.3.5 web management interface for OS command injection. Since the injected command output is not displayed in the web interface, detection relies on observing out-of-band effects such as network requests initiated by the compromised device.

Specifically, an authenticated user can attempt to inject shell command substitution syntax (e.g., $(...)) into the ping input to see if arbitrary commands are executed.

Example commands to test might include injecting payloads like: ping; curl http://yourserver.com or ping $(curl http://yourserver.com) to trigger outbound network requests that can be monitored externally. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are limited as no known countermeasures or patches exist from the vendor.

It is recommended to restrict access to the affected device's web management interface to trusted and authenticated users only.

Monitor network traffic for unusual outbound connections that could indicate exploitation attempts.

Consider replacing the affected Intelbras TIP 635G device with a secure alternative to eliminate the risk. [2]