2 results (0.013 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges. • http://tenda.com https://github.com/D2y6p/CVE/blob/main/tenda/CVE-2023-33530/RCE2/tenda_G103_RCE_2.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter. • https://github.com/B2eFly/Router/blob/main/Tenda/G103/1.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •