CVE-2023-27076

Name of the Vulnerable Software and Affected Versions Tenda G103 version 1.0.0.5

Description A command injection issue allows an attacker to execute arbitrary code via the language parameter. This can compromise the integrity, availability, and confidentiality of protected information. The vulnerability is related to the failure to neutralize special elements used in the operating system command.

Recommendations For Tenda G103 version 1.0.0.5, consider disabling the language parameter until a patch is available to prevent exploitation. Restrict access to the affected module to minimize the risk of arbitrary code execution. Avoid using the language parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.