Tenda G103 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Tenda G103 Firmware.
By the Year
In 2026 there have been 2 vulnerabilities in Tenda G103 Firmware with an average score of 4.7 out of ten. G103 Firmware did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 4.70 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 8.70 |
It may take a day or so for new G103 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Tenda G103 Firmware Security Vulnerabilities
Command Injection in Tenda G103 v1.0.0.5 Setting Handler (gpon.lua)
CVE-2026-5339
4.7 - Medium
- April 02, 2026
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Command Injection
Command Injection via lanIp in Setting Handler (Tenda G103 1.0.0.5)
CVE-2026-5338
4.7 - Medium
- April 02, 2026
A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Command Injection
Command Injection in Tenda G103 GPON Terminal V1.0.0.5 via Web Management
CVE-2023-33530
8.8 - High
- June 06, 2023
There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges.
Command Injection
Tenda G103 v1.0.0.5 Cmd Injection via language param
CVE-2023-27076
9.8 - Critical
- April 10, 2023
Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.
Shell injection
Tenda G103 v1.0.05 Command Injection via crafted package
CVE-2023-27079
7.5 - High
- March 23, 2023
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Tenda G103 Firmware or by Tenda? Click the Watch button to subscribe.
