CVE-2026-9274

UNKNOWN 0.0

Information Exposure Vulnerability in CP-Plus Wi-Fi Camera

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

2th

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including cryptographic private keys, Wi-Fi credentials and configuration data stored in RAM of the targeted device. Successful exploitation of this vulnerability could allow unauthorized access to encrypted communications and connected wireless network of the targeted device.

CWE	CWE-312
Vendor	cp plus
Product	wi-fi camera cp-e38q, cp-e48q, cp-e25q, cp-e35q, cp-e45q, cp-e28q, cp-e21q, cp-e31q, cp-e41q, cp-e24q, cp-z43q, cp-e34q, cp-e44q, cp-t31q, cp-v48q, cp-v41q, cp-z45q
Published	May 25, 2026
Last Updated	May 26, 2026

Stay Ahead of the Next One

Get instant alerts for cp plus wi-fi camera cp-e38q, cp-e48q, cp-e25q, cp-e35q, cp-e45q, cp-e28q, cp-e21q, cp-e31q, cp-e41q, cp-e24q, cp-z43q, cp-e34q, cp-e44q, cp-t31q, cp-v48q, cp-v41q, cp-z45q

Be the first to know when new unknown vulnerabilities affecting cp plus wi-fi camera cp-e38q, cp-e48q, cp-e25q, cp-e35q, cp-e45q, cp-e28q, cp-e21q, cp-e31q, cp-e41q, cp-e24q, cp-z43q, cp-e34q, cp-e44q, cp-t31q, cp-v48q, cp-v41q, cp-z45q are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

CP Plus / Wi-Fi Camera CP-E38Q, CP-E48Q, CP-E25Q, CP-E35Q, CP-E45Q, CP-E28Q, CP-E21Q, CP-E31Q, CP-E41Q, CP-E24Q, CP-Z43Q, CP-E34Q, CP-E44Q, CP-T31Q, CP-V48Q, CP-V41Q, CP-Z45Q

v02.21.031 or below

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert-in.org.in: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0266

Credits

This vulnerability is reported by Mohsin Quresh.