G103 Firmware

g103_firmware

Vendor: Tenda • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-5339 1Tenda 1G103 Firmware Apr 29, 2026 Apr 2, 2026 2.0 LOW· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/a...Show more A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.Show less
CVE-2026-5338 1Tenda 1G103 Firmware Apr 29, 2026 Apr 2, 2026 2.0 LOW· v4 7.2 HIGH· v3 5.8 MEDIUM· v2 A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument...Show more A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.Show less
CVE-2023-33530 1Tenda 1G103 Firmware Jan 8, 2025 Jun 6, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges.
CVE-2023-27076 1Tenda 1G103 Firmware May 5, 2025 Apr 10, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.
CVE-2023-27079 1Tenda 1G103 Firmware Feb 25, 2025 Mar 23, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package