—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Information Exposure Vulnerability in CP-Plus Wi-Fi Camera

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Systems Affected

CP Plus Wi-Fi Camera CP-E38Q, CP-E48Q, CP-E25Q, CP-E35Q, CP-E45Q, CP-E28Q, CP-E21Q, CP-E31Q, CP-E41Q, CP-E24Q, CP-Z43Q, CP-E34Q, CP-E44Q, CP-T31Q, CP-V48Q, CP-V41Q, CP-Z45Q : Firmware version v02.21.031 or below

Overview

A vulnerability has been reported in CP-Plus Wi-Fi Camera, which could allow an attacker to gain unauthorized access to encrypted communications and connected wireless network of the targeted device.

Target Audience:

End-users/ Administrators of CP Plus Wi-Fi Camera

Risk Assessment:

Risk of exposure of cryptographic private keys, Wi-Fi credentials and configuration data

 

Impact Assessment:

Device impersonation, data decryption and Man-in-the-Middle (MITM) attacks.

Description

CP Plus Wi-Fi Camera is a wireless IP surveillance device used for remote video monitoring and network-based access.

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including cryptographic private keys, Wi-Fi credentials and configuration data stored in RAM of the targeted device.

Successful exploitation of this vulnerability could allow unauthorized access to encrypted communications and connected wireless network of the targeted device.

Credit

This vulnerability is reported by Mohsin Quresh.

Solution

Upgrade CP Plus Wi-Fi Camera to the latest firmware version v02.21.041 through OTA using the Ezykam+ mobile application.

https://cpplusworld.com/products/ezyhome/ezykam

Vendor Information

CP Plus

https://cpplusworld.com/products/ezyhome/ezykam

References

CP Plus

https://cpplusworld.com/products/ezyhome/ezykam

CVE Name

CVE-2026-9274

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEEp2gIPkR1VyW4GqN5IVbAwLYg0LQFAmoUXscACgkQIVbAwLYg

0LRs/g/9EpX5S83s1qqpXMtVJtTdFhPwH34ikYYJ+3kHAjPXQhFgPETWGLqC5dKJ

f0/mWiUPBzyfoMyM7hKr15CVCdxU4pHomzcZ65XwO3ChtnrPl7jjIuWDHBpwy8O9

OC/WKT2NAo1LF/cEO/8UbPPpG1IF76KWxBt/vsrMwa3sX0Ww0YMul0LmnZh7IVR5

aI4Mc453LS0ZjOZGAsZrfiNGLEeNElHM7T/Y3bAWeHUibfjQXGEzbaEHaitb2Oyg

On2CwQ/aj6CgDl0Tb2IorwYqy/+2SGWfvI/kuzeQCU5ie/TPbyPJ1Kxx3OEZwdYj

ttIiWYzydxA7cxYNKqFqxJh+sJPSDUUFZkPbnsFRXygAb2wq9ZSEpO36tBFzs3si

s31RFj4i+NwDyFv9plfjAsPOTGWVR3ZBmk/uTMX8RnvGPhfNJ6DsOclfCMEXFw8E

T90QsmkqNq3AMqsCgeMRhDXJLrXPHsxIIhAte+XJLSgqSdTMRo2uIULudUXfwHbo

YkF37qu4OM3VhKgE+OcU13RITJY0u0CAvjyvqB2LxpOvBJDQ5a4mua9V3P0GdpWF

6zr9/b3DNp3HRYSnyMnrRek4A8namH22bwPvTPGha+PxeUwW5lCCBbfbmH1aujau

twJQRxN6nCPwR3hl7gm1re4vhs4N88LMzmcVugbArnM1eaohU8A=

=sIBO

—–END PGP SIGNATURE—–