CVE-2023-30354
First published: Wed May 10 2023(Updated: )
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Cp3 Firmware | =11.10.00.2211041355 | |
| Tenda CP3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-30354.
What is the severity of CVE-2023-30354?
The severity of CVE-2023-30354 is critical with a CVSS score of 9.8.
What software version is affected by CVE-2023-30354?
The software version affected by CVE-2023-30354 is Tenda Cp3 Firmware 11.10.00.2211041355.
How does CVE-2023-30354 impact the Shenzen Tenda Technology IP Camera CP3?
CVE-2023-30354 allows physical access to U-Boot via the UART, revealing the Wi-Fi password and allowing console access with a hardcoded boot password.
Are there any known fixes or workarounds for CVE-2023-30354?
At the moment, there are no known fixes or workarounds for CVE-2023-30354. It is recommended to contact the vendor for further assistance.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda cp3 firmware
- version/tenda cp3 firmware/11.10.00.2211041355
- canonical/tenda cp3