8 matches found
PT-2026-2204
Name of the Vulnerable Software and Affected Versions EFACEC charging systems affected versions not specified Description An attacker with access to the system's internal network can cause a denial of service by establishing two concurrent connections through the Telnet service. The issue impacts...
Addressing Weak Authentication like RFID, NFC in EVs and EVCs Using AI-Powered Adaptive Authentication
The rapid expansion of the Electric Vehicles EVs and Electric Vehicle Charging Systems EVCs has introduced new cybersecurity challenges, specifically in authentication protocols that protect vehicles, users, and energy infrastructure. Although widely adopted for convenience, traditional...
CVE-2025-22369 Mennekes smart/premium charges systems, Arbitrary file download using ReadFile endpoint
The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to read arbitrary files from the underlying OS...
CVE-2025-22366 Mennekes smart/premium charges systems, Command injection in firmware upgrade
The authenticated firmware update capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS...
CVE-2025-22370 Mennekes smart/premium charges systems, SQL Injection in web configuration interface
Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized...
CVE-2025-22368 Mennekes smart/premium charges systems, Command injection in sCU firmware update
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS...
CVE-2025-22368 Mennekes smart/premium charges systems, Command injection in sCU firmware update
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS...
CVE-2025-22370 Mennekes smart/premium charges systems, SQL Injection in web configuration interface
Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized...