Medium severity4.7NVD Advisory· Published Apr 2, 2026· Updated Apr 29, 2026
CVE-2026-5339
CVE-2026-5339
Description
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Affected products
1- cpe:2.3:o:tenda:g103_firmware:1.0.0.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- github.com/ZZ2266/.github.io/tree/main/Tenda%20G103/authLoidnvdExploitThird Party Advisory
- vuldb.com/submit/781132nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781133nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781134nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781135nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781142nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781143nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781144nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/781145nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/354670nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/354670/ctinvdPermissions RequiredVDB Entry
- www.tenda.com.cnnvdProduct
News mentions
0No linked articles in our index yet.