NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-31195

Summary	The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
Publication Date	May 6, 2026, 1:16 a.m.
Registration Date	May 6, 2026, 4:07 a.m.
Last Update	May 6, 2026, 1:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	http://altice.com	cve@mitre.org
2	http://gr140dg.com	cve@mitre.org
3	https://xerod.io/advisories/XEROD-2026-0001	cve@mitre.org

Common Vulnerabilities List