CVE Catalog
CVE-2026-38063
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.45%
36th percentile — higher than 36% of all known CVEs
Summary
Tenda 5G03 version 5.03.02.04 (version 1.0) is vulnerable to command injection in the action_radio_on_with_ia_apn function via the ia parameter.
Risk Assessment
Exploitation of this vulnerability could lead to unauthorized command execution on the device, posing a serious security threat to the network.
Recommendation
It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_radio_on_with_ia_apn via the ia parameter.

