CVE-2026-25192 CTEK Chargeportal Missing Authentication for Critical Function

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...

CTEK Chargeportal 访问控制错误漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has a security vulnerability related to access control, which stems from the lack of an authentication mechanism. This vulnerability could allow unverified attackers to...

CTEK Chargeportal 安全漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. There is a security vulnerability in CTEK Chargeportal, which can be exploited through publicly accessible web-based maps platforms, potentially leading to identifier leaks...

CTEK Chargeportal 代码问题漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has code-related vulnerabilities; these vulnerabilities stem from the predictable nature of session identifiers and the ability for multiple endpoints to use the same...

CTEK Chargeportal 安全漏洞

CTEK Chargeportal is an electric vehicle charging management platform developed by the Swedish company CTEK. CTEK Chargeportal has a security vulnerability, which stems from the lack of a limit on the number of authentication requests in the WebSocket application programming interface. This...

EUVD-2017-5515

Malware in sbrugna...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

Authentication flaw

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

CVE-2017-14000 affects Ctek SkyRouter Series 4200/4400 (all versions before V6.00.11). The vulnerability is an Improper Authentication that allows access to the web application without authenticating by hitting a specific URL. MITRE-style details from the provided sources indicate the impact as u...

Ctek SkyRouter Authentication Bypass Vulnerability

SkyRouter is a product from CTEK Sweden for managing wireless IP connections. An authentication bypass vulnerability exists in Ctek SkyRouter, which can be exploited by an attacker to bypass authentication restrictions and gain access to an application by accessing a specific Uniform Resource...

Ctek, Inc. SkyRouter

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ctek, Inc. Equipment: SkyRouter Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of SkyRouter, a wireless and automation solution, are affected: SkyRouter Series 4200 and 4400 all versio...

CTEK SkyRouter 4200 and 4300 Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a...

CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

Deserialization of untrusted data

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2011-5010

CVE-2011-5010 affects Ctek SkyRouter 4200 and 4300 series routers. Affected component: apps/a3/cfg_ethping.cgi under action “u”, where remote attackers can inject shell metacharacters in the PINGADDRESS parameter to execute arbitrary commands. Public references note remote command execution with ...