1. Home
  2. CVE Database
  3. CVE-2023-23080
CRITICAL · 9.8

CVE-2023-23080

Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<...

Vulnerability Description

Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS<=V2209020908.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
TendaIt7-Lcs Firmware<= 2209020914
TendaIt7-Lcs-
TendaIt7-Pcs Firmware<= 2209020914
TendaIt7-Pcs-
TendaIt7-Prs Firmware<= 2209020908
TendaIt7-Prs-
TendaCp3 Firmware<= 20220906024_2025
TendaCp3-
TendaCp7 Firmware<= 1.10.00.2211041403
TendaCp7-

Related Weaknesses (CWE)

CWE-77

References

FAQ

What is CVE-2023-23080?

CVE-2023-23080 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<...

How severe is CVE-2023-23080?

CVE-2023-23080 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-23080?

Check the references section above for vendor advisories and patch information. Affected products include: Tenda It7-Lcs Firmware, Tenda It7-Lcs, Tenda It7-Pcs Firmware, Tenda It7-Pcs, Tenda It7-Prs Firmware.