CVE-2024-54848 – This vulnerability in CP Plus CP-VNR-3104 netwo... (How to Fix)

Q: What is the severity of CVE-2024-54848?

CVE-2024-54848 has a CVSS score of 7.4 (HIGH). This vulnerability in CP Plus CP-VNR-3104 network video recorders allows attackers to intercept and decrypt communications or perform man-in-the-middle attacks due to improper certificate handling. Organizations using these devices for video surveillance are affected, potentially exposing sensitive video feeds and control communications.

📋 TL;DR

This vulnerability in CP Plus CP-VNR-3104 network video recorders allows attackers to intercept and decrypt communications or perform man-in-the-middle attacks due to improper certificate handling. Organizations using these devices for video surveillance are affected, potentially exposing sensitive video feeds and control communications.

💻 Affected Systems

Products:

CP Plus CP-VNR-3104 Network Video Recorder

Versions: B3223P22C02424 firmware version

Operating Systems: Embedded Linux-based firmware

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running the affected firmware version are vulnerable in default configuration.

📦 What is this software?

Cp Vnr 3104 Firmware by Cpplusworld

View all CVEs affecting Cp Vnr 3104 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full access to encrypted video streams, administrative controls, and can inject malicious commands into the system, compromising entire surveillance infrastructure.

🟠

Likely Case

Unauthorized access to video surveillance feeds, potential exposure of sensitive areas, and interception of administrative communications.

🟢

If Mitigated

Limited exposure with proper network segmentation and certificate validation, though risk remains if devices are internet-facing.

🌐 Internet-Facing: HIGH - Direct exposure allows remote attackers to intercept communications without network access.

🏢 Internal Only: MEDIUM - Requires internal network access but still allows interception of sensitive surveillance data.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires network access to intercept communications and knowledge of certificate manipulation techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check with CP Plus for updated firmware

Vendor Advisory: Not provided in references

Restart Required: Yes

Instructions:

1. Contact CP Plus support for patched firmware. 2. Backup configuration. 3. Upload new firmware via web interface. 4. Reboot device. 5. Verify certificate handling is secure.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate NVR devices on separate VLAN with strict firewall rules

Certificate Validation Enforcement

all

Configure network devices to enforce strict certificate validation for NVR communications

🧯 If You Can't Patch

Deploy network monitoring to detect MITM attempts and unusual certificate activity
Implement strict access controls and network segmentation to limit exposure

🔍 How to Verify

Check if Vulnerable:

Check device firmware version in web interface: System > Information > Firmware Version

Check Version:

curl -k https://[NVR_IP]/api/version or check web interface

Verify Fix Applied:

Verify firmware version is updated and test certificate validation with tools like openssl s_client

📡 Detection & Monitoring

Log Indicators:

Certificate validation errors
Unexpected certificate changes
Failed SSL/TLS handshakes

Network Indicators:

Unusual certificate authorities in traffic
SSL/TLS interception patterns
Unexpected certificate chains

SIEM Query:

event.category:network AND (ssl.certificate.issuer:unexpected OR tls.handshake.failed)

📊 Metadata

CVE ID: CVE-2024-54848

CVSS v3 Score: 7.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-295

EPSS Score: 0.07% exploit probability (20.5th percentile)

Published: January 10, 2025

Last Updated: October 2, 2025

🔗 References

https://capec.mitre.org/data/definitions/233 Technical Description
https://github.com/Yashodhanvivek/CP-VNR-3104-NVR-Vulnerabilties/blob/main/CPPlus_CP-VNR-3104_Security_Assessment.pdf Third Party Advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-21551 Not Applicable
https://payatu.com/blog/solving-the-problem-of-encrypted-firmware/ Exploit,Technical Description,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-54848, you might also want to check these: