Lucene search

K
cve[email protected]CVE-2023-30354
HistoryMay 10, 2023 - 4:15 p.m.

CVE-2023-30354

2023-05-1016:15:12
CWE-319
web.nvd.nist.gov
15
shenzen tenda
ip camera
cp3
u-boot
vulnerability
wi-fi password
hardcoded boot password
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.3%

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.

Affected configurations

NVD
Node
tendacp3_firmwareMatch11.10.00.2211041355
AND
tendacp3Match-

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.3%

Related for CVE-2023-30354