Lucene search
K

110 matches found

nvd
nvd
added 2025/01/31 12:15 a.m.24 views

CVE-2024-23969

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...

8.8CVSS0.0047EPSS
Exploits0References1
nvd
nvd
added 2025/01/31 12:15 a.m.35 views

CVE-2024-23971

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...

8.8CVSS0.0049EPSS
Exploits0References1
nvd
nvd
added 2025/01/31 12:15 a.m.26 views

CVE-2024-23970

This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...

6.5CVSS0.00226EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.4 views

ChargePoint Home Flex 安全漏洞

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in ChargePoint Home Flex that stems from improper access control. An attacker could exploit the vulnerability to execute code in a rooted environment...

8.8CVSS6.9AI score0.00493EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.6 views

ChargePoint Home Flex 信任管理问题漏洞

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of server-supplied credentials. An attacker exploiting this vulnerability could execute code in a...

6.5CVSS7AI score0.00226EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.6 views

ChargePoint Home Flex 安全漏洞

The ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length stack-based buffer...

8.8CVSS6.9AI score0.0047EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.4 views

ChargePoint Home Flex 缓冲区错误漏洞

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocated buffer. An...

8.8CVSS6.9AI score0.0047EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.5 views

ChargePoint Home Flex 安全漏洞

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in ChargePoint Home Flex that stems from a lack of proper authentication before executing a system call using a user-supplied string. An attacker exploiting this...

8.8CVSS7.1AI score0.00492EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.5 views

ChargePoint Home Flex 命令注入漏洞

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper authentication before executing a system call using a user-supplied string. An attacker exploiting this...

8.8CVSS7.1AI score0.0049EPSS
Exploits0References2
cve
cve
added 2025/01/30 11:42 p.m.67 views

CVE-2024-23971

The CVE CVE-2024-23971 affects ChargePoint Home Flex. It stems from improper validation of a user-supplied string in the handling of OCPP messages, enabling a network-adjacent attacker to execute code in the root context via a system call (command injection). Multiple sources describe this as a b...

8.8CVSS6.8AI score0.0049EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/01/30 11:42 p.m.36 views

CVE-2024-23971 ChargePoint Home Flex OCPP bswitch Command Injection

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...

8.8CVSS0.0049EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/30 11:42 p.m.13 views

CVE-2024-23971 ChargePoint Home Flex OCPP bswitch Command Injection

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...

8.8CVSS8.8AI score0.0049EPSS
Exploits0References1
cve
cve
added 2025/01/30 11:40 p.m.61 views

CVE-2024-23970

CVE-2024-23970 affects ChargePoint Home Flex devices. The flaw is in the TLS certificate validation via the CURLOPT_SSL_VERIFYHOST setting, with improper validation of the server’s certificate. This enables network-adjacent attackers to compromise transport security and, per reported details, cou...

6.5CVSS6.5AI score0.00226EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2025/01/30 11:40 p.m.12 views

CVE-2024-23970 ChargePoint Home Flex Improper Certificate Validation

This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...

6.5CVSS6.6AI score0.00226EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/30 11:40 p.m.28 views

CVE-2024-23970 ChargePoint Home Flex Improper Certificate Validation

This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...

6.5CVSS0.00226EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/30 11:37 p.m.28 views

CVE-2024-23969 ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...

8.8CVSS0.0047EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/30 11:37 p.m.8 views

CVE-2024-23969 ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...

8.8CVSS8.8AI score0.0047EPSS
Exploits0References1
cve
cve
added 2025/01/30 11:37 p.m.59 views

CVE-2024-23969

ChargePoint Home Flex devices are affected by CVE-2024-23969 due to an out-of-bounds write in the wlanchnllst function caused by improper validation of user-supplied data. This vulnerability can allow network-adjacent attackers to execute arbitrary code with root privileges, and authentication is...

8.8CVSS6.9AI score0.0047EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/01/30 11:31 p.m.26 views

CVE-2024-23968 ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...

8.8CVSS0.0047EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/30 11:31 p.m.7 views

CVE-2024-23968 ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...

8.8CVSS8.8AI score0.0047EPSS
Exploits0References1
Rows per page
Query Builder