Primary

Context

Tenda CP3 Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

A critical command injection vulnerability has been identified in the Tenda CP3 camera firmware version 11.10.00.2311090948. The issue arises in the 'sub_F3C8C' function of the 'apollo' file, where user-supplied input is not properly sanitized before being executed as a command. This vulnerability allows for arbitrary command execution with root privileges, exploiting the camera's Wi-Fi connection by manipulating the SSID. The vulnerability can be exploited remotely, requiring authenticated access.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device with root privileges.

Reproduction

To reproduce this vulnerability, change the Wi-Fi SSID to include a crafted payload that exploits the command injection flaw. The payload is executed through the camera's connection to Wi-Fi, taking advantage of the unsanitized input in the 'sub_F3C8C' function.

Added: Jun 6, 2025, 12:17 PM

Updated: Jun 6, 2025, 12:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.1

threat

6.5

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.1

threat

6.5

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda CP3 Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

Tenda CP3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating