21Gun5

**Name of the Vulnerable Software and Affected Versions** Tenda devices, such as AC15V1.0 version V15.03.05.20 multi and AC5V1.0 version V15.03.06.48 multi **Description** The issue allows an attacker to bypass authentication, potentially obtaining sensitive information. This can be combined with authenticated command injection to implement remote code execution (RCE). **Recommendations** For Tenda AC15V1.0 version V15.03.05.20 multi, update to a version that addresses the authentication bypass issue. For Tenda AC5V1.0 version V15.03.06.48 multi, update to a version that addresses the authentication bypass issue. As a temporary workaround, consider restricting access to sensitive information and limiting command injection capabilities until a patch is available.