98 matches found
EUVD-2026-21639
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...
EUVD-2026-21641
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this...
CVE-2026-4155
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...
CVE-2026-4157
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-4156
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this...
CVE-2026-4157 ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-4157
ChargePoint Home Flex revssh Service Command Injection (CVE-2026-4157) allows network-adjacent attackers to execute arbitrary code as root due to improper validation of a user-supplied string before invoking a system call in OCPP message handling. Authentication is not required. The issue is docu...
EUVD-2026-21643
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-4157 ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-4156 ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this...
CVE-2026-4156 ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this...
CVE-2026-4156
Summary: CVE-2026-4156 affects ChargePoint Home Flex. The flaw is a stack-based buffer overflow in the OCPP getpreq handling, caused by improper validation of user-supplied data length copied into a fixed-length buffer. This leads to remote code execution in the context of root for network-adjace...
CVE-2026-4155 ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...
CVE-2026-4155
ChargePoint Home Flex is affected. The flaw is in the genpw script where a secret cryptographic seed is embedded, allowing remote disclosure of stored credentials without authentication. This vulnerability enables information disclosure on affected installations. No remediation version is specifi...
CVE-2026-4155 ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...
ChargePoint Home Flex 安全漏洞
The ChargePoint Home Flex is a series of electric vehicle charging devices developed by the US company ChargePoint. The ChargePoint Home Flex has a security vulnerability, which stems from the use of secret encrypted seed values in the source code, potentially leading to information leakage...
ChargePoint Home Flex 安全漏洞
The ChargePoint Home Flex is a series of electric vehicle charging devices developed by the US company ChargePoint. The ChargePoint Home Flex has a security vulnerability, which stems from insufficient length validation when processing OCPP messages, potentially leading to remote code execution...
ChargePoint Home Flex 操作系统命令注入漏洞
The ChargePoint Home Flex is a series of electric vehicle charging devices developed by the US company ChargePoint. The ChargePoint Home Flex has a vulnerability related to operating system command injection. This vulnerability stems from insufficient validation during the processing of OCPP...
PT-2026-25835
Name of the Vulnerable Software and Affected Versions ChargePoint Home Flex affected versions not specified Description A stack-based buffer overflow exists in the OCPP getpreq functionality of ChargePoint Home Flex, potentially leading to remote code execution. The issue was discovered during th...
(Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the genpw script. The issue results from the inclusion o...