CVE-2024-11666

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users suitably positioned on the network between an...

CVE-2024-11665 Unauthenticated Remote Command Injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in hardy-barth cph2echargefirmware allows OS Command Injection.This issue affects cph2echargefirmware: through 2.0.4...

PT-2024-17176 · Unknown · Cph2 Echarge Firmware

Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects devices that communicate with the eCharge cloud infrastructure over an insecure channel, as peer verification is disabled. This allows remote unauthenticated users,...

PT-2024-17175 · Unknown · Cph2 Echarge Firmware

Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects the cph2 echarge firmware, allowing OS Command Injection due to an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability...

CVE-2023-46360

Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges...

CVE-2023-46359

An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...

CVE-2023-46359

The cPH2 Charging Station (Hardy Barth) product line, specifically v1.87.0 and earlier, exposes an OS command injection vulnerability via the connectivity check feature. An unauthenticated remote attacker can pass specially crafted arguments to trigger arbitrary command execution, potentially com...

PT-2023-8587 · Hardy Barth · Cph2 Echarge Ladestation

Name of the Vulnerable Software and Affected Versions: Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This may allow a remote attacker to execute...

PT-2023-8588 · Hardy Barth · Hardy Barth Cph2 Echarge Ladestation

Name of the Vulnerable Software and Affected Versions: Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier Description: The issue is related to errors in privilege management in the web application of the Hardy Barth cPH2 eCharge Ladestation. Exploitation of this issue may allow a...