GCVE - cpe:2.3:h:cpplusworld:cp-vnr-3104:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:cpplusworld:cp-vnr-3104:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Cpplusworld (`e4e12946-648c-5a4d-a5ad-5d3f4aeda4d2`)
Product	Cp Vnr 3104 (`933a6227-f88b-576a-9976-4237a2cd406c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-54849`	not_vulnerable	2026-06-03 14:57:41.797553	Details available An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. Published: 2025-01-10T00:00:00.000Z Updated: 2025-01-13T20:16:37.016Z Open on db.gcve.eu Reference links https://nvd.nist.gov/vuln/detail/CVE-2020-15522 https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-54848`	not_vulnerable	2026-06-03 14:57:41.797058	Details available Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks. Published: 2025-01-10T00:00:00.000Z Updated: 2025-01-13T20:21:01.204Z Open on db.gcve.eu Reference links https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/ https://capec.mitre.org/data/definitions/233 https://nvd.nist.gov/vuln/detail/CVE-2021-21551 https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-54847`	not_vulnerable	2026-06-03 14:57:41.796512	Details available An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack. Published: 2025-01-10T00:00:00.000Z Updated: 2025-01-13T20:26:29.925Z Open on db.gcve.eu Reference links https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/ https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-54846`	not_vulnerable	2026-06-03 14:57:41.795946	Details available An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack. Published: 2025-01-10T00:00:00.000Z Updated: 2025-01-13T20:28:12.941Z Open on db.gcve.eu Reference links https://nvd.nist.gov/vuln/detail/CVE-2020-15522 https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/ https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-3705`	not_vulnerable	2026-06-03 14:52:41.590557	Information Disclosure Vulnerability in CP-Plus Network Video Recorder HIGH (7.5) The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the remote attacker to obtain sensitive information on the targeted device. Published: 2023-08-24T07:03:12.395Z Updated: 2024-10-02T20:33:29.083Z Open on db.gcve.eu Reference links https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0239	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.