VYPR
Vendor

CP Plus

Products
6
CVEs
10
Across products
10
Status
Private

Products

6

Recent CVEs

10
  • CVE-2025-0479HigJan 20, 2025
    risk 0.56cvss epss 0.00

    This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. A remote attacker could exploit this vulnerability by intercepting data transmissions during an HTTP session on the vulnerable system. Successful…

  • CVE-2023-1518HigMar 28, 2023
    risk 0.51cvss 7.8epss 0.00

    CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being leaked because they are insufficiently protected.  

  • CVE-2023-3705HigAug 24, 2023
    risk 0.49cvss 7.5epss 0.01

    The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. …

  • CVE-2024-54848HigJan 10, 2025
    risk 0.48cvss 7.4epss 0.00

    Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks.

  • CVE-2024-54849MedJan 10, 2025
    risk 0.38cvss 5.9epss 0.00

    An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack.

  • CVE-2024-54847MedJan 10, 2025
    risk 0.38cvss 5.9epss 0.00

    An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack.

  • CVE-2024-54846MedJan 10, 2025
    risk 0.38cvss 5.9epss 0.00

    An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.

  • CVE-2024-3434MedApr 8, 2024
    risk 0.35cvss 5.4epss 0.00

    A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected by this vulnerability is an unknown functionality of the component User Management. The manipulation leads to improper authorization. The attack can be launched remotely. The…

  • CVE-2026-9274MedMay 25, 2026
    risk 0.34cvss epss 0.00

    This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive…

  • CVE-2023-3704MedAug 24, 2023
    risk 0.34cvss 5.3epss 0.01

    The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable…