4 matches found
CVE-2024-11666
Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users suitably positioned on the network between an...
CVE-2024-11665 Unauthenticated Remote Command Injection
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in hardy-barth cph2echargefirmware allows OS Command Injection.This issue affects cph2echargefirmware: through 2.0.4...
PT-2024-17176 · Unknown · Cph2 Echarge Firmware
Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects devices that communicate with the eCharge cloud infrastructure over an insecure channel, as peer verification is disabled. This allows remote unauthenticated users,...
PT-2024-17175 · Unknown · Cph2 Echarge Firmware
Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects the cph2 echarge firmware, allowing OS Command Injection due to an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability...