PT-2023-22647 · Shenzen Tenda Technology · Tenda Ip Camera Cp3

Publicado

2023-05-10

Atualizado

2025-01-27

CVE-2023-30351

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Shenzen Tenda Technology IP Camera CP3 version 11.10.00.2211041355

Description The issue is related to a hard-coded default password for the root user, which is stored using weak encryption. This allows attackers to connect to the TELNET service or UART by using the exposed credentials.

Recommendations For version 11.10.00.2211041355, consider changing the default password for the root user to a strong, unique password to prevent unauthorized access. As a temporary workaround, restrict access to the TELNET service and UART to minimize the risk of exploitation.

Correção

Using Hardcoded Credentials

Inadequate Encryption Strength

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798CWE-326

Identificadores relacionados

CVE-2023-30351

Produtos afetados

Tenda Ip Camera Cp3

PT-2023-22647 · Shenzen Tenda Technology · Tenda Ip Camera Cp3

CVE-2023-30351

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6