Tenda CP3 Physical Bootloader Access

CVE Number

CVE-2023-30354

Summary

It is possible to access to the bootloader of the Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 by exploiting physical access via UART serial interface.

Tested Versions

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355

Product URLs

Vendor Website

CVSSv3 Score

TBA

CWE

CWE-798: Use of Hard-coded Credentials

Details

By interrupting the U-Boot process and inserting the boot password (found hardcoded in the image of the camera) it is possible to obtain root access to the U-Boot console.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tmp_PBA.md

tmp_PBA.md

Tenda CP3 Physical Bootloader Access

CVE Number

Summary

Tested Versions

Product URLs

CVSSv3 Score

CWE

Details

Files

tmp_PBA.md

Latest commit

History

tmp_PBA.md

File metadata and controls

Tenda CP3 Physical Bootloader Access

CVE Number

Summary

Tested Versions

Product URLs

CVSSv3 Score

CWE

Details