关键漏洞信息 Vulnerability ID: CVE-2026-3101 Affected Product: Intelbras TIP 635G 1.12.3.5 Vulnerability Type: OS Command Injection CVSS Score: 5.7 Current Exploit Price: $0-$5k CTI Interest Score: 1.37 CWE ID: CWE-78 Attack Vector: Remote Exploit Availability: Public exploit available Vendor Response: No response from the vendor Summary A vulnerability classified as critical was found in Intelbras TIP 635G 1.12.3.5. The issue affects the Ping Handler component, leading to OS command injection. The vulnerability can be exploited remotely, affecting confidentiality, integrity, and availability. An exploit is available, and the attack is relatively easy to carry out. Additional Details The vulnerability involves the manipulation of an unknown code block in the Ping Handler component, resulting in OS command injection. The product constructs OS commands using externally-influenced input, which can be manipulated by an attacker. The advisory for this vulnerability can be found at notion.so. The attack technique deployed by this vulnerability is T1202, as per MITRE ATT&CK framework.