CVE-2024-54846

Medium CVSS: 5.9

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.

Vendor

Cpplusworld

Product

Cp-vnr-3104 Firmware

CWE

CWE-295

Yayın Tarihi

2025-01-10 17:15:16

Güncelleme

2025-10-02 17:17:41

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-295 Cp-vnr-3104 Firmware MEDIUM Cpplusworld 2025

Referanslar

https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf https://nvd.nist.gov/vuln/detail/CVE-2020-15522 https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/

Benzer Kayıtlar

Medium

CVE-2025-44039

CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console.…

Medium

CVE-2024-54847

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access…

High

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communica…

Medium

CVE-2024-54849

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitiv…