3 matches found
CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations
The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...
CVE-2025-48417
The CVE-2025-48417 entry concerns hard-coded TLS certificates and private keys in the firmware of eCharge Hardy Barth cPH2 and cPP2 charging stations. The web interface (port 443) uses files in /etc/ssl (e.g., salia.local.crt, salia.local.key, salia.local.pem) and there is no option to upload or ...
CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations
The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...