PT-2025-24101 · Tenda · Tenda Cp3
K3Vg3N
·
Published
2025-06-06
·
Updated
2025-06-10
·
CVE-2025-5763
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tenda CP3 version 11.10.00.2311090948
Description
A critical issue has been found, affecting the function
sub F3C8C of the file apollo, leading to command injection. The attack can be launched remotely.Recommendations
For Tenda CP3 version 11.10.00.2311090948, consider disabling the
sub F3C8C function as a temporary workaround until a patch is available. Restrict access to the apollo file to minimize the risk of exploitation.Exploit
Fix
Special Elements Injection
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Cp3