Lucene search
K
WolfboxLevel 2 Ev Charger Firmware

5 matches found

CVE
CVE
added 2025/06/06 3:30 p.m.72 views

CVE-2025-5747

CVE-2025-5747 affects WOLFBOX Level 2 EV Charger MCU command parsing. The flaw is in how command frames are parsed: the process fails to reliably detect the start of a frame, enabling misinterpretation of input. This can allow network-adjacent attackers to execute arbitrary code within the device...

8CVSS7.9AI score0.0036EPSS
CVE
CVE
added 2025/06/06 3:29 p.m.65 views

CVE-2025-5750

CVE-2025-5750 affects WOLFBOX Level 2 EV Charger. The issue is a heap-based buffer overflow in the tuya_svc_devos_activate_result_parse path caused by improper validation of the lengths of secKey, localKey, stdTimeZone, and devId, allowing network-adjacent attackers to execute arbitrary code with...

8.8CVSS7.8AI score0.00333EPSS
CVE
CVE
added 2025/06/06 3:30 p.m.62 views

CVE-2025-5748

CVE-2025-5748 concerns the WOLFBOX Level 2 EV Charger, specifically the Tuya communications module software. The vulnerability arises from the exposure of a method that permits uploading crafted software images to the module, enabling code execution in the device’s context. It is exploitable by n...

8CVSS8AI score0.00382EPSS
CVE
CVE
added 2025/06/06 3:30 p.m.62 views

CVE-2025-5749

The CVE-2025-5749 issue affects WOLFBOX Level 2 EV Charger devices, specifically the BLE communication path. The root cause is an uninitialized variable in the handling of cryptographic keys used in vendor-specific encrypted communications, enabling authentication bypass for network-adjacent atta...

8.8CVSS6.8AI score0.00171EPSS
CVE
CVE
added 2025/06/06 3:29 p.m.59 views

CVE-2025-5751

The CVE-2025-5751 issue affects WOLFBOX Level 2 EV Charger and stems from the management card handling: lack of personalization enables authentication bypass. Physical access is required to exploit, with no user interaction needed. The vulnerability allows an attacker to bypass authentication on ...

6.8CVSS6.9AI score0.00252EPSS