{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5339", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-01T14:09:12.110Z", "datePublished": "2026-04-02T14:15:12.509Z", "dateUpdated": "2026-04-02T15:55:52.097Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-02T14:15:12.509Z"}, "title": "Tenda G103 Setting gpon.lua action_set_net_settings command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Tenda", "product": "G103", "versions": [{"version": "1.0.0.5", "status": "affected"}], "cpes": ["cpe:2.3:o:tenda:g103_firmware:*:*:*:*:*:*:*:*"], "modules": ["Setting Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.8, "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-01T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-01T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-01T16:14:18.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "n0ps1ed (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/354670", "name": "VDB-354670 | Tenda G103 Setting gpon.lua action_set_net_settings command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/354670/cti", "name": "VDB-354670 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/781132", "name": "Submit #781132 | Tenda G103 G103_V1.0.0.5 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781133", "name": "Submit #781133 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781134", "name": "Submit #781134 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781135", "name": "Submit #781135 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781142", "name": "Submit #781142 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781143", "name": "Submit #781143 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781144", "name": "Submit #781144 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781145", "name": "Submit #781145 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ZZ2266/.github.io/tree/main/Tenda%20G103/authLoid", "tags": ["exploit"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T15:36:57.243748Z", "id": "CVE-2026-5339", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T15:55:52.097Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5339", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-02T15:36:57.243748Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T15:55:45.695Z"}}], "cna": {"title": "Tenda G103 Setting gpon.lua action_set_net_settings command injection", "credits": [{"lang": "en", "type": "reporter", "value": "n0ps1ed (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.8, "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:o:tenda:g103_firmware:*:*:*:*:*:*:*:*"], "vendor": "Tenda", "modules": ["Setting Handler"], "product": "G103", "versions": [{"status": "affected", "version": "1.0.0.5"}]}], "timeline": [{"lang": "en", "time": "2026-04-01T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-01T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-01T16:14:18.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/354670", "name": "VDB-354670 | Tenda G103 Setting gpon.lua action_set_net_settings command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/354670/cti", "name": "VDB-354670 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/781132", "name": "Submit #781132 | Tenda G103 G103_V1.0.0.5 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781133", "name": "Submit #781133 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781134", "name": "Submit #781134 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781135", "name": "Submit #781135 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781142", "name": "Submit #781142 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781143", "name": "Submit #781143 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781144", "name": "Submit #781144 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/781145", "name": "Submit #781145 | Tenda G103 G103_V1.0.0.5 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ZZ2266/.github.io/tree/main/Tenda%20G103/authLoid", "tags": ["exploit"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-02T14:15:12.509Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5339", "state": "PUBLISHED", "dateUpdated": "2026-04-02T15:55:52.097Z", "dateReserved": "2026-04-01T14:09:12.110Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-02T14:15:12.509Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used."}], "id": "CVE-2026-5339", "lastModified": "2026-04-02T15:16:53.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-02T15:16:53.080", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/ZZ2266/.github.io/tree/main/Tenda%20G103/authLoid"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781132"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781133"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781134"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781135"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781142"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781143"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781144"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/781145"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/354670"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/354670/cti"}, {"source": "cna@vuldb.com", "url": "https://www.tenda.com.cn/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.0.5"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "G103", "source": "cna", "vendor": "Tenda"}, "product": "g103", "vendor": "tenda"}], "analysis": {"en": {"generated_at": "2026-04-02T15:21:56.528702+00:00", "value": {"mitigation_remediation": ["Check the vendor\u2019s support site for an updated firmware release that addresses this command injection vulnerability and apply the patch immediately.", "If no patch is available, block external access to the device\u2019s management interface or remove the management API from the exposed network profile.", "Monitor network traffic and device logs for abnormal command execution indicators, and reset any compromised credentials.", "Consider isolating the router from critical network segments until a fix is deployed."], "summary": {"action": "Immediate Patch", "impact": "Remote Command Execution via HTTP parameter injection"}, "threat_synthesis": {"affected_systems": "The affected system is the Tenda G103 router, running firmware version 1.0.0.5. No other versions or variants are reported as vulnerable in the provided data.", "description_and_impact": "A flaw in the action_set_net_settings function of the gpon.lua handler in Tenda G103 firmware allows an attacker to inject arbitrary shell commands. By supplying specially crafted values for parameters such as authLoid, authPassword, and US VLAN identifiers, the device can execute commands supplied by the attacker. This vulnerability enables remote exploitation with potential to compromise confidentiality, integrity, and availability of the device and any network resources to which it connects. The weakness corresponds to CWE-74 (OS Command Injection) and CWE-77 (Command Injection).", "risk_and_exploitability": "The CVSS score for this issue is 5.1, indicating a medium severity. EPSS data is not available, and the vulnerability is not listed in CISA\u2019s KEV catalog. The publicly available exploit can be launched remotely by sending crafted HTTP requests to the router, likely over the network interface exposed to the attacker. No authentication requirements are detailed in the description, suggesting the API may be reachable without credentials, but the precise prerequisites are not explicitly stated."}}}}, "created": "2026-04-02T20:12:21.125098+00:00", "updated": "2026-04-02T20:21:01.699662+00:00", "vendors": ["tenda", "tenda$PRODUCT$g103"]}