2 matches found
CVE-2026-40702 EVoke Systems EVoke CSMS Missing Authentication for Critical Function
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...
CVE-2026-44622
CVE-2026-44622 affects EVoke Systems EVoke CSMS (charging stations). The vulnerability is described as insufficiently protected credentials, causing authentication identifiers to be publicly accessible via web-based mapping platforms. CVSS v3.1 base score 6.5 (MEDIUM) and CVSS v4.0 base score 6.9...