CVE-2014-9144 Information

Description

Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter).

Reference

http://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html http://www.exploit-db.com/exploits/35462 http://www.securityfocus.com/archive/1/534143/100/0/threaded