Skip to main content

Cp3 Firmware

7 CVEs product

Monthly

CVE-2024-24488 MEDIUM This Month

An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-30356 HIGH This Week

Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-30354 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-30353 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-30352 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-30351 HIGH This Week

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-23080 CRITICAL POC Act Now

Certain Tenda products are vulnerable to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda It7 Lcs Firmware It7 Pcs Firmware It7 Prs Firmware +2
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda Cp3 Firmware
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Certain Tenda products are vulnerable to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda It7 Lcs Firmware +4
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy