Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:31 a.m.12 views

CVE-2024-5684

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

8.8CVSS7.3AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/06 12:54 p.m.38 views

CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

6.3CVSS6.5AI score0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/06 12:54 p.m.22 views

CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

6.3CVSS7.2AI score0.00188EPSS
Exploits0References1
CVE
CVE
added 2024/06/06 12:54 p.m.105 views

CVE-2024-5684

CVE-2024-5684 affects Volkswagen Group ID Charger Connect & Pro. A faulty JWT-library implementation can allow a local/adjacent attacker to bypass password authentication on the web configuration interface and gain full user access. If the library accepts a "+none" algorithm, the JWT may be insec...

8.8CVSS6.9AI score0.00188EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder