CVE-2023-30351

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service or UART by using the exposed credentials...

Hardcoded credentials

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

Hardcoded credentials

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service or UART by using the exposed credentials...

Tenda CP3 加密问题漏洞

Tenda CP3 is a smart camera from Tenda China. A security vulnerability exists in the Tenda CP3 version V11.10.00.2211041355, which stems from the device containing a hard-coded default root password that is stored using weak encryption, and can be exploited by an attacker to connect to a TELNET...

CVE-2023-30351

CVE-2023-30351 affects Shenzen Tenda Technology IP Camera CP3, version 11.10.00.2211041355. The issue is a hard-coded default root password stored with weak encryption, enabling an attacker to authenticate via TELNET (or UART) using exposed credentials. The CVSS v3.1 base score is 7.5 (HIGH) with...

CVE-2023-30351

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service or UART by using the exposed credentials...

PT-2023-22647 · Shenzen Tenda Technology · Tenda Ip Camera Cp3

Name of the Vulnerable Software and Affected Versions: Shenzen Tenda Technology IP Camera CP3 version 11.10.00.2211041355 Description: The issue is related to a hard-coded default password for the root user, which is stored using weak encryption. This allows attackers to connect to the TELNET...

Linux kernel hci_uart_tty_ioctl denial of service vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in Linux kernel version 6.2, which originates from a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hciuartttyioctl in...

SUSE CVE-2023-31083

An issue was discovered in drivers/bluetooth/hcildisc.c in the Linux kernel 6.2. In hciuartttyioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCIUARTPROTOSET is set before hu-proto is set. A NULL pointer dereference may occur...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in Linux kernel version 6.2, which originates from a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hciuartttyioctl in...

Command injection

An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port...

CVE-2022-45553

An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port...

CVE-2022-45553

CVE-2022-45553 affects Shenzhen Zhibotong Electronics WBT WE1626 Router (version 21.06.18). The issue allows an attacker to execute arbitrary commands via a serial connection to the UART port. Public documentation provides this summary, with CVSSv3.1 base score 9.8 (CRITICAL) and impact on confid...

SUSE CVE-2010-4075

The uartgetcount function in drivers/serial/serialcore.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

SUSE CVE-2019-15917

An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hciuartregisterdev fails in hciuartsetproto in drivers/bluetooth/hcildisc.c...

SUSE CVE-2022-3114

An issue was discovered in the Linux kernel through 5.16-rc6. imxregisteruartclocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc and will cause the null pointer dereference...

CVE-2022-41505

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value...

Design/Logic Flaw

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value...

CVE-2022-41505

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value...

CVE-2022-41505

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value...