cPH2 Charging Station v1.87.0 - OS Command Injection

An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature. id: CVE-2023-46359 info: name: cPH2...

MINI-CPH2-8Q3F-9MX2

Bulletin has no description...

CVE-2025-3883

eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...

CVE-2025-3881

eCharge Hardy Barth cPH2 checkreq.php ntp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...

eCharge Hardy Barth cPH2 操作系统命令注入漏洞

The eCharge Hardy Barth cPH2 is an electric vehicle charging station from eCharge. The eCharge Hardy Barth cPH2 suffers from an operating system command injection vulnerability that stems from the ntp parameter in the checkreq.php endpoint not being properly validated, which could lead to remote...

eCharge Hardy Barth cPH2 操作系统命令注入漏洞

The eCharge Hardy Barth cPH2 is an electric vehicle charging station from eCharge. The eCharge Hardy Barth cPH2 suffers from an operating system command injection vulnerability that stems from the dest parameter not being properly validated in the nwcheckexec.php endpoint, which could lead to...

eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 安全漏洞

The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A security vulnerability exists in the eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 that stems from the fact that the /etc/passwd and /etc/shadow files contain hard-coded...

eCharge Hardy Barth cPH2和eCharge Hardy Barth cPP2 安全漏洞

The eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 are both an electric vehicle charging station from eCharge. A security vulnerability exists in eCharge Hardy Barth cPH2 and eCharge Hardy Barth cPP2 that originates from an OS command injection in the /var/salia/mqtt.php script, which coul...

(0Day) eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the dest parameter provided to the...

PT-2025-17683 · Unknown · Echarge Hardy Barth Cph2

Name of the Vulnerable Software and Affected Versions: eCharge Hardy Barth cPH2 affected versions not specified Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is no...

CVE-2024-11666

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users suitably positioned on the network between an...

CVE-2024-11666

CVE-2024-11666 affects cph2_echarge_firmware up to 2.0.4. Root cause: peer verification is disabled and communication with the eCharge cloud infrastructure occurs over an insecure channel, enabling remote unauthenticated users on the network between the EV charger controller and eCharge infrastru...

CVE-2024-11665 Unauthenticated Remote Command Injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in hardy-barth cph2echargefirmware allows OS Command Injection.This issue affects cph2echargefirmware: through 2.0.4...

PT-2024-17176 · Unknown · Cph2 Echarge Firmware

Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects devices that communicate with the eCharge cloud infrastructure over an insecure channel, as peer verification is disabled. This allows remote unauthenticated users,...

PT-2024-17175 · Unknown · Cph2 Echarge Firmware

Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects the cph2 echarge firmware, allowing OS Command Injection due to an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability...

CGA-QM87-GJ3H-CPH2

Bulletin has no description...

CGA-R8W6-FG6F-CPH2

Bulletin has no description...

CVE-2023-46360

Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges...

CVE-2023-46359

An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...

CVE-2023-46359

The cPH2 Charging Station (Hardy Barth) product line, specifically v1.87.0 and earlier, exposes an OS command injection vulnerability via the connectivity check feature. An unauthenticated remote attacker can pass specially crafted arguments to trigger arbitrary command execution, potentially com...