CVE-2026-5338 | Tenda G103 1.0.0.5 Setting system.lua action_set_system_settings lanIp command injection

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability was found in Tenda G103 1.0.0.5. It has been declared as critical. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection.

This vulnerability is listed as CVE-2026-5338. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-5338 | Tenda G103 1.0.0.5 Setting system.lua action_set_system_settings lanIp command injection

Post correlati

CVE-2026-34073 | pyca cryptography 41.0.2/41.0.6/42.0.4/46.0.5 DNS Name

CVE-2023-7130 | code-projects College Notes Gallery 2.0 login.php user sql injection

CVE-2024-20411 | Cisco NX-OS up to 10.4(2) Bash Shell privilege defined with unsafe actions (cisco-sa-nxos-bshacepe-bApeHSx7)

CVE-2024-7559 | File Manager Pro Plugin up to 8.3.7 on WordPress unrestricted upload