CVE-2026-28204 CTEK Chargeportal Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-28204

Technical details are not publicly available in the provided documents. The records only state that charging station authentication identifiers are publicly accessible via mapping platforms. Monitor for updates; no root cause or remediation details are provided here.

CVE-2026-31904 CTEK Chargeportal Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-25192 CTEK Chargeportal Missing Authentication for Critical Function

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...

CTEK Chargeportal 代码问题漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has code-related vulnerabilities; these vulnerabilities stem from the predictable nature of session identifiers and the ability for multiple endpoints to use the same...

CTEK Chargeportal 安全漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. There is a security vulnerability in CTEK Chargeportal, which can be exploited through publicly accessible web-based maps platforms, potentially leading to identifier leaks...

CTEK Chargeportal 安全漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has a security vulnerability, which stems from the lack of a limit on the number of authentication requests in the WebSocket application programming interface. This...

CTEK Chargeportal 访问控制错误漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has a security vulnerability related to access control, which stems from the lack of an authentication mechanism. This vulnerability could allow unverified attackers to...