Charx Sec-3000 Firmware Security Vulnerabilities and Issues — Charx Sec-3000 Firmware CVE List

Lucene search

PhoenixcontactCharx Sec-3000 Firmware

6 matches found

CVE•added 2024/03/12 9:15 a.m.•78 views

CVE-2024-25994

An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.

5.3CVSS5.4AI score0.00284EPSS

CVE•added 2024/05/14 4:16 p.m.•70 views

CVE-2024-28135

A low privileged remote attacker can use a command injection vulnerability in the API which performsremote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.

5CVSS5.7AI score0.00727EPSS

CVE•added 2024/03/12 9:15 a.m.•61 views

CVE-2024-25997

An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.

5.3CVSS5.5AI score0.00209EPSS

CVE•added 2024/08/13 1:15 p.m.•47 views

CVE-2024-3913

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.

5.9CVSS7.6AI score0.00099EPSS

CVE•added 2025/07/08 7:15 a.m.•6 views

CVE-2025-24002

An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog.

5.3CVSS6.7AI score0.00084EPSS

CVE•added 2025/07/08 7:15 a.m.•6 views

CVE-2025-24004

A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog.

5.2CVSS6.5AI score0.00022EPSS