Skip to main content

Wi Fi Camera Cp E38Q Cp E48Q Cp E25Q Cp E35Q Cp E45Q Cp E28Q Cp E21Q Cp E31Q Cp E41Q Cp E24Q Cp Z43Q Cp E34Q Cp E44Q Cp T31Q Cp V48Q Cp V41Q Cp Z45Q CVE-2026-9274

| EUVDEUVD-2026-31661 MEDIUM
Cleartext Storage of Sensitive Information (CWE-312)
2026-05-25 CERT-In GHSA-6c6p-vqc7-gj3w
5.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.2 MEDIUM
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
CVE Published
May 25, 2026 - 09:19 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including cryptographic private keys, Wi-Fi credentials and configuration data stored in RAM of the targeted device.

Successful exploitation of this vulnerability could allow unauthorized access to encrypted communications and connected wireless network of the targeted device.

Analysis

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including cryptographic private keys, Wi-Fi credentials and configuration data stored in RAM of the targeted device.

Successful exploitation of this vulnerability could allow unauthorized access to encrypted communications and connected wireless network of the targeted device.

Share

CVE-2026-9274 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy