Lucene search
+L

3 matches found

CVE
CVE
added 2025/01/09 7:56 a.m.53 views

CVE-2024-43657

Summary of CVE-2024-43657 (Iocharger firmware) : Affects AC model Iocharger firmware before 24120701. The issue is an improper neutralization of special elements in a firmware file, enabling OS command injection as root via the processing of a firmware upload. Attack requires a low-privileged acc...

9.3CVSS7.6AI score0.01437EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/09 7:56 a.m.17 views

CVE-2024-43657 When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station.

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High. However, the attacker will need a low privilege account to gai...

9.3CVSS0.01437EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/09 7:56 a.m.6 views

CVE-2024-43657 When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station.

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High. However, the attacker will need a low privilege account to gai...

9.3CVSS8.3AI score0.01437EPSS
Exploits0References3
Rows per page
Query Builder