CVE-2024-54848

High CVSS: 7.4

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks.

Vendor

Cpplusworld

Product

Cp-vnr-3104 Firmware

CWE

CWE-295

Yayın Tarihi

2025-01-10 17:15:17

Güncelleme

2025-10-02 16:59:11

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-295 Cp-vnr-3104 Firmware HIGH Cpplusworld 2025

Referanslar

https://capec.mitre.org/data/definitions/233 https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf https://nvd.nist.gov/vuln/detail/CVE-2021-21551 https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/

Benzer Kayıtlar

Medium

CVE-2025-44039

CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console.…

Medium

CVE-2024-54847

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access…

Medium

CVE-2024-54849

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitiv…

Medium

CVE-2024-54846

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data o…