Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

EUVD-2024-40401

๐Ÿ—“๏ธย 03 Oct 2025ย 20:07:09Reported byย EUVDTypeย 
euvd
ย euvd๐Ÿ”—ย euvd.enisa.europa.eu๐Ÿ‘ย 1ย Views

Command Injection vulnerability in Iocharger firmware allows root access to AC model chargers.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2024-43657
9 Jan 202508:16
โ€“circl
CNNVD		iocharger ๅฎ‰ๅ…จๆผๆดž
9 Jan 202500:00
โ€“cnnvd
CVE		CVE-2024-43657
9 Jan 202507:56
โ€“cve
Cvelist		CVE-2024-43657 When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station.
9 Jan 202507:56
โ€“cvelist
NVD		CVE-2024-43657
9 Jan 202508:15
โ€“nvd
Positive Technologies		PT-2025-2658 ยท Iocharger ยท Iocharger
9 Jan 202500:00
โ€“ptsecurity
Vulnrichment		CVE-2024-43657 When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station.
9 Jan 202507:56
โ€“vulnrichment
[
  {
    "enisaIdVendor": [
      {
        "id": "34d1c99b-c798-3758-b055-7790f2af9cf1",
        "vendor": {
          "name": "Iocharger"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "5d14bbd7-17b8-3281-81a0-bd74c1da0ec4",
        "product": {
          "name": "Iocharger firmware for AC models"
        },
        "product_version": "0 <2024120701"
      }
    ]
  }
]

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Oct 2025 20:07Current
6.6Medium risk
Vulners AI Score6.6
CVSS 49.3
CVSS 3.18.8
EPSS0.01534
SSVC
command injectioniocharger firmwareac model chargersroot accesscritical impacthigh likelihoodautomated attack
1