Vulnerabilities > Tenda > CP3 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-30351 | Inadequate Encryption Strength vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. | 7.5 |
| 2023-05-10 | CVE-2023-30352 | Use of Hard-coded Credentials vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | 9.8 |
| 2023-05-10 | CVE-2023-30353 | Command Injection vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | 9.8 |
| 2023-05-10 | CVE-2023-30354 | Cleartext Transmission of Sensitive Information vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access. | 9.8 |
| 2023-05-10 | CVE-2023-30356 | Improper Validation of Integrity Check Value vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware | 7.5 |
| 2023-02-27 | CVE-2023-23080 | Command Injection vulnerability in Tenda products Certain Tenda products are vulnerable to command injection. | 9.8 |