Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password
Vulnerability Description
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file force_upgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument current_force_upgrade_pwd can lead to use of hard-coded password. The attack can only be executed locally. The exploit has been published and may be used.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用硬编码的口令
Vulnerability Title
Tenda RP3 Pro 安全漏洞
Vulnerability Description
Tenda RP3 Pro是中国腾达(Tenda)公司的一款室内无线云台摄像机。 Tenda RP3 Pro 22.5.7.93及之前版本存在安全漏洞,该漏洞源于文件force_upgrade.sh中参数current_force_upgrade_pwd存在硬编码密码,可能导致本地攻击。
CVSS Information
N/A
Vulnerability Type
N/A