CVE-2019-25483
Received Received - Intake
Restricted Shell Escape in Comtrend AR-5310 Enables Command Injection

Publication date: 2026-03-11

Last updated on: 2026-03-11

Assigner: VulnCheck

Description
Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $( ). Attackers can inject arbitrary commands through the $( ) syntax when passed as arguments to allowed commands like ping to execute unrestricted shell access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-11
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2026-03-11
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25483
EUVD
EUVD-2019-19761
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
comtrend ar-5310 *
comtrend ar-5310 From ge31-412ssg-c01_r10.a2pg039u.d24k (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'The Comtrend AR-5310 router uses a restricted shell environment that limits users to a set of allowed commands like ping, reboot, and ifconfig. However, it fails to filter the command substitution operator "$()", which allows local users to bypass these restrictions.'}, {'type': 'paragraph', 'content': 'By using the "$()" syntax, an attacker can inject arbitrary commands inside allowed commands. For example, running a command like `ping $(sh)` spawns a shell subprocess, escaping the restricted shell and enabling execution of unrestricted commands.'}, {'type': 'paragraph', 'content': 'This vulnerability allows local users to execute arbitrary commands beyond the restricted command list, potentially leading to unauthorized system access or privilege escalation.'}] [1]

Impact Analysis

This vulnerability can allow a local attacker to bypass command restrictions and execute arbitrary commands on the affected Comtrend AR-5310 router.

  • Unauthorized system access by escaping the restricted shell environment.
  • Potential privilege escalation, giving attackers higher-level control over the device.
  • Execution of arbitrary commands could lead to disruption of network services or compromise of sensitive data.
Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing if the restricted shell on the Comtrend AR-5310 router allows command substitution using the "$()" operator. Since common shell operators like ";", "&", "|", and backticks are filtered, but "$()" is not, you can attempt to execute commands using this syntax to verify if the shell escapes restrictions.'}, {'type': 'list_item', 'content': 'Try running a command such as: ping $(sh) β€” if this spawns a shell subprocess or executes arbitrary commands, the vulnerability is present.'}, {'type': 'list_item', 'content': 'Check for unexpected shell access or command execution beyond the allowed commands (help, logout, reboot, ping, ifconfig, traceroute, etc.) by using the "$()" syntax in arguments to these commands.'}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25483. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart