25 matches found
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120, which originates from a network connection where an attacker could detect plaintext credentials...
PT-2026-1664
Name of the Vulnerable Software and Affected Versions EFACEC EV chargers affected versions not specified Description A large number of ARP requests can cause a denial of service on a control board within the EV charger, impacting the EV interfaces. The affected board's proper operation is essenti...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle chargers from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120 that stems from a large number of ICMP requests sent that could result in a denial of service to the charger board controlling the EV interface...
PT-2026-2204
Name of the Vulnerable Software and Affected Versions EFACEC charging systems affected versions not specified Description An attacker with access to the system's internal network can cause a denial of service by establishing two concurrent connections through the Telnet service. The issue impacts...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120 that stems from a service interaction without authentication, which could lead to an attacker obtaining charger information via the OCPP v1.6 protocol...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in Efacec QC that stems from a lack of privilege control over user XXX, which could lead to unlimited privilege elevation...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from the Portuguese company Efacec. A security vulnerability exists in the Efacec QC that stems from the device web server access credentials being sent in Base64 encoding via the HTTP header, which is not a strong encryption algorithm, and...
Efacec QC 安全漏洞
EFACEC Efacec QC is a series of electric vehicle chargers from EFACEC Portugal. A security vulnerability exists in the EFACEC QC 60/90/120, which stems from the fact that sending a large number of ARP requests may result in a denial of service to the charger board controlling the EV interface...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120, which stems from a lack of system hardening and could allow an attacker to access files containing plaintext credentials or sensitive information...
Efacec QC 安全漏洞
Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120 that stems from the unencrypted MQTT communication protocol, which could lead an attacker to write data to the server subject controlling the MQTT communicatio...
EFACEC QC 安全漏洞
EFACEC Efacec QC is a series of electric vehicle charging posts from EFACEC Portugal. A security vulnerability exists in the EFACEC QC 60/90/120, which originates from the fact that an attacker can establish two concurrent connections via the Telnet service, which may result in a denial of servic...
CVE-2023-50706 Improper Access Control in EFACEC UC 500E
A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens...
CVE-2023-50704 URL Redirection to Untrusted Site ('Open Redirect') in EFACEC UC 500E
An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users...
CVE-2023-50704 URL Redirection to Untrusted Site ('Open Redirect') in EFACEC UC 500E
An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users...
CVE-2023-50703 Cleartext Transmission of Sensitive Information in EFACEC UC 500E
An attacker with network access could perform a man-in-the-middle MitM attack and capture sensitive information to gain unauthorized access to the application...
CVE-2023-6689 Cross-Site Request Forgery in EFACEC BCU 500
A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application...
CVE-2023-50707 Uncontrolled Resource Consumption in EFACEC BCU 500
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...
EFACEC UC 500E
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : EFACEC Equipment : UC 500 Vulnerabilities : Cleartext Transmission of Sensitive Information, Open Redirect, Exposure of Sensitive Information to an Unauthorized Actor, Improper Access Contro...
EFACEC BCU 500
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : EFACEC Equipment : BCU 500 Vulnerabilities : Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
EFACEC BCU 500 Resource Management Error Vulnerability
The EFACEC BCU 500 is a programmable control system from EFACEC Portugal. The EFACEC BCU 500 suffers from a resource management error vulnerability that originates from the fact that by exploiting an active user session, an attacker can send a custom request to cause a denial of service on the...