Tenda N300 Vulnerabilities Allow Attackers to Execute Arbitrary Commands as Root

High-severity command injection vulnerabilities have been discovered in Tenda’s N300 Wi-Fi 4G LTE Router and the 4G03 Pro model, enabling authenticated attackers to execute arbitrary commands with root privileges on affected devices.

With no patches currently available from the manufacturer, security experts are urging users to consider alternative solutions to protect their networks from potential compromise.

Vulnerable Routers Face Command Injection Threats

The Tenda 4G03 Pro is a portable 4G LTE router designed for flexible internet access worldwide.

Users can insert a SIM card to establish ad hoc internet connectivity, making it popular for mobile and temporary networking solutions across different mobile operators.

However, security researchers have identified serious flaws stemming from improper handling of attacker-controlled input within the router’s internal service functions.

Two distinct command injection vulnerabilities, tracked as CVE-2025-13207 and CVE-2024-24481, affect multiple firmware versions of these devices.

Both vulnerabilities carry a CVSS score of 8.8, indicating high severity and significant risk to affected organizations and individuals.

| CVE ID | Affected Products | Vulnerability Type | CVSS Score |
| --- | --- | --- | --- |
| CVE-2025-13207 | Tenda N300 4G03 Pro (Firmware v04.03.01.44 and earlier) | Command Injection | 8.8 (High) |
| CVE-2024-24481 | Tenda N300 4G03 Pro (Firmware v04.03.01.14 and earlier) | Command Injection | 8.8 (High) |

The first vulnerability, CVE-2025-13207, impacts firmware versions up to and including v04.03.01.44. Attackers can exploit this flaw by manipulating arguments passed to a function within the /usr/sbin/httpd service.

A specially crafted authenticated HTTP request sent to TCP port 80 can trigger arbitrary command execution on the device.

The second vulnerability, CVE-2024-24481, affects firmware versions up to and including v04.03.01.14. This flaw involves improper input handling within a function that is accessible through the web interface.

After authentication, attackers can invoke the vulnerable function and send a crafted network request to TCP port 7329, resulting in command execution with root privileges.

Security researchers discovered these vulnerabilities by reverse engineering the router’s firmware. Importantly, this issue is distinct from CVE-2023-2649.

Successful exploitation grants attackers complete control over the affected device, allowing them to execute any commands as the root user on the underlying operating system.

This level of access enables threat actors to intercept network traffic, modify router configurations, establish persistent backdoors, or use compromised devices as launching points for further attacks on connected networks.

The CERT Coordination Center has confirmed that no vendor-supplied patches or mitigations currently exist to address these critical vulnerabilities in the Tenda N300 series and 4G03 Pro devices.
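With no patch available, a practical first step is to identify which deployed units fall inside the affected firmware ranges. The following is an added example, not code from the article, Tenda or CERT/CC: it applies the firmware ranges and TCP ports stated above to a constructed inventory. The device names, inventory format and status labels are assumptions.

```python
import re

# Affected ranges and service ports exactly as stated in the article.
ADVISORIES = [
    {"cve": "CVE-2025-13207", "max_affected": "v04.03.01.44", "tcp_port": 80},
    {"cve": "CVE-2024-24481", "max_affected": "v04.03.01.14", "tcp_port": 7329},
]

def parse_version(text):
    """Turn 'v04.03.01.44' or 'V4.3.1.44' into a comparable tuple (4, 3, 1, 44)."""
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+){3})", text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def applicable(firmware):
    """Return the advisories whose 'and earlier' range covers this firmware."""
    version = parse_version(firmware)
    return [a for a in ADVISORIES if version <= parse_version(a["max_affected"])]

def triage(inventory):
    """Map each device to its CVEs and the TCP ports the article names for them."""
    report = {}
    for device in inventory:
        try:
            hits = applicable(device["firmware"])
        except ValueError:
            # Unparseable versions are flagged for manual review, never assumed safe.
            report[device["name"]] = {"status": "review", "cves": [], "ports": []}
            continue
        report[device["name"]] = {
            "status": "affected" if hits else "not-listed",
            "cves": [a["cve"] for a in hits],
            "ports": sorted(a["tcp_port"] for a in hits),
        }
    return report

# Constructed sample inventory (device names and versions are made up).
SAMPLE_INVENTORY = [
    {"name": "kiosk-lte-01", "firmware": "v04.03.01.14"},
    {"name": "van-uplink", "firmware": "V04.03.01.30"},
    {"name": "popup-store", "firmware": "v04.03.01.44"},
    {"name": "branch-backup", "firmware": "v04.03.02.01"},
    {"name": "lab-spare", "firmware": "unknown"},
]

if __name__ == "__main__":
    for name, result in triage(SAMPLE_INVENTORY).items():
        print(name, result)
```

A "not-listed" result only means the version is outside the ranges given in the article; it is not a statement that the firmware is fixed.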

The post Tenda N300 Vulnerabilities Allow Attackers to Execute Arbitrary Commands as Root appeared first on Cyber Security News.
