40 matches found
CVE-2026-0778
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...
CVE-2026-0778
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...
CVE-2026-0778 Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...
CVE-2026-0778 Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...
CVE-2026-0778
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...
CVE-2026-0778
CVE-2026-0778 concerns Enel X JuiceBox 40 Telnet service. The Telnet daemon, listening on TCP 2000, lacks authentication before allowing remote connections, enabling network-adjacent attackers to execute arbitrary code with the service account context. Documents from ZDI, Red Hat, NVD, CVE listin...
Enel X JuiceBox 40: Access control error vulnerability
The Enel X JuiceBox 40 is a household electric vehicle charging station developed by the American company Enel X. The Enel X JuiceBox 40 has a access control vulnerability, which stems from the lack of authentication in the Telnet service. This vulnerability may lead to remote code execution...
PT-2026-2006
Name of the Vulnerable Software and Affected Versions Enel X JuiceBox 40 affected versions not specified Description The Enel X JuiceBox 40 device contains a flaw due to a missing authentication mechanism in its Telnet service, potentially allowing for remote code execution. This issue was...
(0Day) (Pwn2Own) Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 2000 by...
CVE-2023-29126 Insecure loose comparison in Enel X JuiceBox
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication...
CVE-2023-29126 Insecure loose comparison in Enel X JuiceBox
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication...
CVE-2023-29125 Heap overflow in CM_main.exe binary in Enel X JuiceBox
A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700...
CVE-2023-29125 Heap overflow in CM_main.exe binary in Enel X JuiceBox
A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700...
CVE-2023-29122 Incorrect file ownership of privileged service's libraries in Enel X JuiceBox
Under certain conditions, access to service libraries is granted to account they should not have access to...
CVE-2023-29122 Incorrect file ownership of privileged service's libraries in Enel X JuiceBox
Under certain conditions, access to service libraries is granted to account they should not have access to...
CVE-2023-29121 Exposed TCF agent service in Enel X Juicebox
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system...
CVE-2023-29121 Exposed TCF agent service in Enel X Juicebox
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system...
CVE-2023-29120 Unauthorized Remote Command Execution in Enel X Juicebox
Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system...
CVE-2023-29120 Unauthorized Remote Command Execution in Enel X Juicebox
Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system...
CVE-2023-29118 Unauthorized SQLite Injection in Enel X Juicebox
Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php...