exploitDog

CVE-2024-54846

Опубликовано: 10 янв. 2025

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.

Ссылки

https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf
Third Party Advisory
https://nvd.nist.gov/vuln/detail/CVE-2020-15522
Not Applicable
https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cpplusworld:cp-vnr-3104_firmware:b3223p22c02424:*:*:*:*:*:*:*

cpe:2.3:h:cpplusworld:cp-vnr-3104:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00106

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-5jr8-vjmp-fp54

CVSS3: 5.9

github

около 1 года назад

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.

EPSS

Процентиль: 29%

0.00106

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295