110 matches found
CVE-2024-23969
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...
CVE-2024-23971
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...
CVE-2024-23970
This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...
ChargePoint Home Flex 安全漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in ChargePoint Home Flex that stems from improper access control. An attacker could exploit the vulnerability to execute code in a rooted environment...
ChargePoint Home Flex 信任管理问题漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of server-supplied credentials. An attacker exploiting this vulnerability could execute code in a...
ChargePoint Home Flex 安全漏洞
The ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length stack-based buffer...
ChargePoint Home Flex 缓冲区错误漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocated buffer. An...
ChargePoint Home Flex 安全漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in ChargePoint Home Flex that stems from a lack of proper authentication before executing a system call using a user-supplied string. An attacker exploiting this...
ChargePoint Home Flex 命令注入漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper authentication before executing a system call using a user-supplied string. An attacker exploiting this...
CVE-2024-23971
The CVE CVE-2024-23971 affects ChargePoint Home Flex. It stems from improper validation of a user-supplied string in the handling of OCPP messages, enabling a network-adjacent attacker to execute code in the root context via a system call (command injection). Multiple sources describe this as a b...
CVE-2024-23971 ChargePoint Home Flex OCPP bswitch Command Injection
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...
CVE-2024-23971 ChargePoint Home Flex OCPP bswitch Command Injection
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...
CVE-2024-23970
CVE-2024-23970 affects ChargePoint Home Flex devices. The flaw is in the TLS certificate validation via the CURLOPT_SSL_VERIFYHOST setting, with improper validation of the server’s certificate. This enables network-adjacent attackers to compromise transport security and, per reported details, cou...
CVE-2024-23970 ChargePoint Home Flex Improper Certificate Validation
This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...
CVE-2024-23970 ChargePoint Home Flex Improper Certificate Validation
This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CURLOPTSSLVERIFYHOST setting. The issue...
CVE-2024-23969 ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...
CVE-2024-23969 ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the...
CVE-2024-23969
ChargePoint Home Flex devices are affected by CVE-2024-23969 due to an out-of-bounds write in the wlanchnllst function caused by improper validation of user-supplied data. This vulnerability can allow network-adjacent attackers to execute arbitrary code with root privileges, and authentication is...
CVE-2024-23968 ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...
CVE-2024-23968 ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...