Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wallbox Gtb Firmware Security Vulnerabilities

cve
cve

CVE-2021-45876

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware.

9.8CVSS

9.7AI Score

0.001EPSS

2022-03-21 11:15 AM
66
cve
cve

CVE-2021-45877

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page.

9.8CVSS

9.4AI Score

0.002EPSS

2022-03-21 11:15 AM
39
cve
cve

CVE-2021-45878

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.

9.1CVSS

9AI Score

0.002EPSS

2022-03-21 11:15 AM
57
cve
cve

CVE-2023-30399

Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.

8.1CVSS

7.7AI Score

0.002EPSS

2023-05-04 09:15 PM
18