Cp3 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-52364	1 Tenda	2 Cp3 Pro, Cp3 Pro Firmware	2025-08-07	7.5 High
Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service (telnetd) by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote attackers to connect to the device s shell over the network, potentially without authentication if default or weak credentials are present
CVE-2025-52363	1 Tenda	2 Cp3 Pro, Cp3 Pro Firmware	2025-08-02	6.8 Medium
Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access
CVE-2025-5763	1 Tenda	2 Cp3, Cp3 Firmware	2025-06-10	4.7 Medium
A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-23080	1 Tenda	10 Cp3, Cp3 Firmware, Cp7 and 7 more	2025-03-11	9.8 Critical
Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS<=V2209020908.
CVE-2023-30356	1 Tenda	2 Cp3, Cp3 Firmware	2025-01-27	7.5 High
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware
CVE-2023-30354	1 Tenda	2 Cp3, Cp3 Firmware	2025-01-27	9.8 Critical
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.
CVE-2023-30353	1 Tenda	2 Cp3, Cp3 Firmware	2025-01-27	9.8 Critical
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.
CVE-2023-30352	1 Tenda	2 Cp3, Cp3 Firmware	2025-01-27	9.8 Critical
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.
CVE-2023-30351	1 Tenda	2 Cp3, Cp3 Firmware	2025-01-27	7.5 High
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.

Page 1 of 1.