CP Plus CP-VNR-3104 Diffie-Hellman Parameter Exposure Vulnerability

A vulnerability in the CP Plus CP-VNR-3104 model allows attackers to access the Diffie-Hellman (DH) parameters, potentially leading to the exposure of sensitive data or the execution of a man-in-the-middle attack. This issue arises from the device's handling of DH parameters, which can be exploited to intercept or manipulate communications.

Impact

Exploitation of this vulnerability could allow for unauthorized access to sensitive data or the interception and alteration of communications, facilitating a man-in-the-middle attack.

Reproduction

The vulnerability can be reproduced by accessing the device's firmware update mechanism, which is available on the manufacturer's FTP server. After uploading a crafted firmware file, the device will decrypt and install the update, during which the DH parameters can be intercepted.