Description
Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin parameter.
Published: 2026-06-15
Score: 9.8 Critical
EPSS: 1.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Tenda 5G03 router firmware V05.03.02.04 (Version 1.0) includes a command injection flaw in the action_unlock_sim function. An attacker who can supply a crafted "pin" parameter can execute arbitrary operating‑system commands on the device, bypassing authentication and potentially taking full control.

Affected Systems

This vulnerability affects only the Tenda 5G03 model running firmware V05.03.02.04 (Version 1.0). No other Tenda firmware versions or models were identified as impacted.

Risk and Exploitability

The CVSS score of 9.8 reflects the high impact of this flaw, while the EPSS score of < 1% indicates a low current exploitation probability. The vulnerability is not yet listed in the CISA KEV catalog. Based on the description, it is inferred that the function is reachable via the device’s management interface, making remote exploitation possible from an external network that can access the router’s management port. If the device is exposed to the internet, an attacker can craft a request with a malicious pin value to trigger the injection and obtain remote code execution.

Generated by OpenCVE AI on June 17, 2026 at 00:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a firmware update from Tenda that removes the vulnerable action_unlock_sim function
  • If an update is not yet available, restrict external access to the router’s management interface using firewall rules or place the device in a segregated network segment
  • Disable the action_unlock_sim feature through the router’s configuration interface, if such an option exists
  • Monitor router logs for requests that supply unexpected values in the pin parameter



Advisories

No advisories yet.

History

Wed, 17 Jun 2026 05:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Title | | Command Injection via PIN Parameter in Tenda 5G03 Action-Unlock-SIM Function |

Tue, 16 Jun 2026 18:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Weaknesses | | CWE-78 |
| Metrics | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Mon, 15 Jun 2026 19:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin parameter. |
| References | | |


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-16T17:13:13.290Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-38060

Vulnrichment

Updated: 2026-06-16T16:44:28.625Z

NVD

Status: Deferred

Published: 2026-06-15T20:16:26.363

Modified: 2026-06-16T19:16:36.000

Link: CVE-2026-38060

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-17T00:15:16Z

Weaknesses
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')