12 matches found
EUVD-2026-36753
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...
EUVD-2026-36752
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetvolume via the volume parameter...
CVE-2026-38061
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetvolume via the volume parameter...
CVE-2026-38062
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...
CVE-2026-38061
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetvolume via the volume parameter...
CVE-2026-38062
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...
CVE-2026-38061
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetvolume via the volume parameter...
EUVD-2026-18342
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...
CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...
CVE-2026-5338 Tenda G103 Setting system.lua action_set_system_settings command injection
A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...
libfluid 安全漏洞
libfluid is an Open Networking open source application. A security vulnerability exists in libfluid that stems from the fact that the fluidmsg::ActionSet::unpack routine contains a null pointer dereference vulnerability caused by an unchecked return value...
GHSA-CR6J-3JP9-RW65 Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
Apache Struts contains a Remote Code Execution when using results with no namespace and it's upper actions have no or wildcard namespace. The same flaw exists when using a url tag with no value, action set, and it's upper actions have no or wildcard namespace...