68 matches found
EUVD-2024-40401
Malicious code in bioql PyPI...
EUVD-2024-40395
Malicious code in bioql PyPI...
EUVD-2024-40397
Malicious code in bioql PyPI...
EUVD-2024-40392
Malicious code in bioql PyPI...
EUVD-2024-40398
Malicious code in bioql PyPI...
EUVD-2024-40400
Malicious code in bioql PyPI...
EUVD-2024-40407
Malicious code in bioql PyPI...
EUVD-2024-40406
Malicious code in bioql PyPI...
EUVD-2024-40404
Malicious code in bioql PyPI...
EUVD-2024-40399
Malicious code in bioql PyPI...
EUVD-2024-40405
Malicious code in bioql PyPI...
EUVD-2024-40394
Malicious code in bioql PyPI...
EUVD-2024-40396
Malicious code in bioql PyPI...
CVE-2024-43659
After gaining access to the firmware of a charging station, a file at can be accessed to obtain default credentials that are the same across all Iocharger AC model EV chargers. This issue affects Iocharger firmware for AC models before firmware version 25010801. The issue is addressed by requirin...
CVE-2024-43660
The CGI script .sh can be used to download any file on the filesystem. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High, but credentials required. Impact: Critical – The script can be used to download any file on the filesystem, including...
CVE-2024-43662
The .exe or .exe CGI binary can be used to upload arbitrary files to /tmp/upload/ or /tmp/ respectively as any user, although the user interface for uploading files is only shown to the iocadmin user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderat...
CVE-2024-43663
There are many buffer overflow vulnerabilities present in several CGI binaries of the charging station. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High – Given the prevalence of these buffer overflows, and the clear error message of the web...
CVE-2024-43654
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Iocharger firmware for AC models allows OS Command Injection as root. This issue affects all Iocharger AC EV charger models on a firmware version before 25010801. Likelihood: Moderate – The binary do...
CVE-2024-43655
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability allows OS Command Injection as root. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The attacker will first need to find the name of the...
CVE-2024-43656
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability allows OS Command Injection as root. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – It might be difficult for an attacker to identify the fil...