Impact
A command injection flaw exists in the function that sets the RAT mode on a Tenda 5G03 router, allowing an attacker to supply a specially crafted "ratMode" parameter that is executed as a shell command on the router’s system. The vulnerability permits arbitrary code execution with the privileges of the router's administrative process, leading to potential device takeover, traffic tampering, or other destructive actions. The flaw is a classic input validation failure (CWE‑78) and can compromise confidentiality, integrity, and availability of the network protected by the router.
Affected Systems
Devices based on the Tenda 5G03 model running firmware version V05.03.02.04 (also labeled Version 1.0) are affected. No other vendor or product versions are known to contain the vulnerability according to the available CNA data.
Risk and Exploitability
The vulnerability carries a CVSS score of 9.8, indicating critical severity. The EPSS score of 1% suggests a low but non-zero probability of exploitation. It is not listed in CISA’s KEV catalog. Based on the description, it is inferred that an attacker could exploit the flaw remotely by sending a crafted request to the action_set_rat_mode endpoint over the router’s HTTP or web‑based administration interface, leading to arbitrary command execution.
OpenCVE Enrichment