Sezangel

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action set rat mode via the ratMode parameter.

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action dial call via the dialNumber parameter.

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action ims on with apn via the ims apn parameter.

**Name of the Vulnerable Software and Affected Versions** GL-iNet GL-AR300M16 version 4.3.11 **Description** The GL-iNet GL-AR300M16 device version 4.3.11 contains a command injection issue. This allows attackers to execute arbitrary commands through a crafted input via the `port` parameter within the `enable echo server` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GL-iNet GL-AR300M16 version 4.3.11 **Description** The GL-iNet GL-AR300M16 device, version 4.3.11, contains a command injection issue through the `set config` function. This allows attackers to execute arbitrary commands by providing a crafted input. The vulnerability is triggered via manipulation of input to the `set config` function. **Recommendations** Update to a newer version of the GL-iNet GL-AR300M16 firmware that addresses this issue. As a temporary workaround, consider restricting access to the `set config` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GL-iNet GL-AR300M16 version 4.3.11 **Description** The GL-iNet GL-AR300M16 device contains multiple command injection flaws within the `set upgrade` function. These flaws are triggered through manipulation of the `modem url`, `target version`, `current version`, `firmware upload`, `hash type`, `hash value`, and `upgrade type` parameters. Successful exploitation allows attackers to execute arbitrary commands. **Recommendations** Versions prior to 4.3.11 are potentially affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GL-iNet GL-AR300M16 version 4.3.11 **Description** A SQL injection issue exists due to the `add group()` function. Attackers can execute arbitrary SQL database operations by sending a crafted HTTP request. The vulnerability allows for the execution of arbitrary operations on the SQL database. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the `add group()` function until a patch is available.