Lucene search
K

5 matches found

OSV
OSV
added 2024/05/14 4:16 p.m.2 views

CVE-2024-28136

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service...

7.8CVSS5.8AI score0.0075EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 4:16 p.m.15 views

CVE-2024-28136

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service...

7.8CVSS7.9AI score0.0075EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 8:9 a.m.25 views

CVE-2024-28136 PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service...

7.8CVSS7.9AI score0.0075EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 8:9 a.m.19 views

CVE-2024-28136 PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service...

7.8CVSS8.1AI score0.0075EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 8:9 a.m.65 views

CVE-2024-28136

CVE-2024-28136 describes a command-injection on PHOENIX CONTACT CHARX SEC devices via the OCPP Remote service. Multiple connected sources (ZDI, NVD, CVE listings) indicate the flaw resides in input validation when processing Charger ID/remote commands (e.g., Get Diagnostics), enabling a low-privi...

7.8CVSS7.9AI score0.0075EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder