Vulnerabilities in Iocharger

16 results
CVE-2024-43654 | CRITICAL | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | EPSS 2.1%
CVE-2024-43653 | CRITICAL | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | EPSS 2.1%
CVE-2024-43652 | CRITICAL | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | EPSS 1.9%
CVE-2024-43648 | CRITICAL | Authenticated command injection via <redacted>.exe <redacted> parameter | EPSS 1.8%
CVE-2024-43649 | CRITICAL | Authenticated command injection via <redacted>.exe <redacted> parameter | EPSS 1.8%
CVE-2024-43651 | CRITICAL | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | EPSS 1.7%
CVE-2024-43650 | CRITICAL | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | EPSS 1.6%
CVE-2024-43656 | CRITICAL | A backup can be manipulated and then restored to create arbitrary files inside the <redacted> directory. A CGI script can be added to the web directory this way, allowing for full remote code execution. | EPSS 1.5%
CVE-2024-43657 | CRITICAL | When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station. | EPSS 1.4%
CVE-2024-43655 | CRITICAL | Any authenticated users can execute OS commands as root using the <redacted>.sh CGI script. | EPSS 1.2%
CVE-2024-43663 | MEDIUM | Buffer overflow vulnerabilities in CGI scripts lead to segfault | EPSS 1.0%
CVE-2024-43659 | HIGH | Plaintext default credentials in firmware | EPSS 0.8%
CVE-2024-43662 | MEDIUM | Authenticated arbitrary file upload to /tmp/ and /tmp/upload/ | EPSS 0.6%
CVE-2024-43660 | HIGH | Arbitrary file download using <redacted>.sh | EPSS 0.6%
CVE-2024-43658 | HIGH | Using the <redacted> action or <redacted>.sh script, arbitrary files and directories can be deleted using directory traversal. | EPSS 0.5%
CVE-2024-43661 | HIGH | Buffer overflow in <redacted>.so leads to DoS of OCPP service | EPSS 0.5%