Ina Kheirkhah

Name of the Vulnerable Software and Affected Versions: Autel MaxiCharger AC Wallbox Commercial (affected versions not specified) Description: This issue allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. The specific flaw exists within the Pile API, resulting from the lack of authentication prior to allowing access to functionality. An attacker can leverage this issue to disclose credentials, leading to further compromise. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Autel MaxiCharger AC Wallbox Commercial Firmware (affected versions not specified) **Description** The issue concerns a remote code execution vulnerability due to a firmware downgrade in the Autel MaxiCharger AC Wallbox Commercial. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. Technical details about exploitation are not specified. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** Autel MaxiCharger AC Wallbox Commercial (versões afetadas não especificadas) **Descrição** O problema refere-se a uma Vulnerabilidade de Bypass de Autenticação por Erro de Validação de Origem. Isso permite o bypass de autenticação devido a um erro de validação de origem. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Autel MaxiCharger AC Wallbox (versões afetadas não especificadas) **Descrição** O problema refere-se a uma vulnerabilidade de divulgação de informações por método perigoso, na qual o número de série comercial é exposto. Esta vulnerabilidade foi descoberta por Sina Kheirkhah, da Summoning Team. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Autel MaxiCharger AC Wallbox (affected versions not specified) **Description** The issue concerns an Incorrect Authorization Privilege Escalation Vulnerability in the Commercial Technician API of the Autel MaxiCharger AC Wallbox. This was discovered by Sina Kheirkhah of Summoning Team during Pwn2Own. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** Carregador de Veículos Elétricos WOLFBOX Nível 2 (versões afetadas não especificadas) **Descrição** Este problema permite que atacantes presentes fisicamente contornem a autenticação em instalações afetadas do Carregador de Veículos Elétricos WOLFBOX Nível 2. A falha específica reside no tratamento dos cartões de gerenciamento, decorrente da falta de personalização desses cartões. Um atacante pode explorar esta vulnerabilidade para contornar a autenticação no sistema. **Recomendações** Atualmente, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** ChargePoint Home Flex (versões afetadas não especificadas) **Descrição** Esta vulnerabilidade permite que invasores na mesma rede executem código arbitrário em instalações afetadas das estações de recarga ChargePoint Home Flex. Não é necessária autenticação para explorar esta vulnerabilidade. A falha específica existe no módulo `wlanapp`, resultante da falta de validação adequada de uma string fornecida pelo usuário antes de usá-la para executar uma chamada de sistema. Um invasor pode aproveitar esta vulnerabilidade para executar código no contexto do root. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** ChargePoint Home Flex (versões afetadas não especificadas) **Descrição** Esta vulnerabilidade permite que invasores na rede adjacente executem código arbitrário em instalações afetadas das estações de recarga ChargePoint Home Flex. Não é necessária autenticação para explorar esta vulnerabilidade. A falha específica existe no módulo `onboardee` e resulta de um controle de acesso inadequado, permitindo que um invasor execute código no contexto do usuário `root`. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** D-Link DCS-8300LHV2 **Descrição** O problema está relacionado à configuração da API ONVIF na câmera Wi-Fi D-Link DCS-8300LHV2, o que está associado a falhas no procedimento de autenticação. Isso permite que um invasor remoto contorne o processo de autenticação. A falha específica existe na configuração da API ONVIF, resultante do uso de um PIN codificado. Um invasor pode explorar essa vulnerabilidade para contornar a autenticação no sistema. **Recomendações** Para o D-Link DCS-8300LHV2, considere desativar a API ONVIF até que uma correção esteja disponível para impedir a exploração. Restrinja o acesso à rede da câmera para minimizar o risco de exploração. Evite usar o PIN codificado na configuração da API ONVIF até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. The flaw exists within the HTTP service listening on TCP port 80, due to the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. The issue can be exploited without requiring authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue is related to a stack-based buffer overflow in the cfgsave function of the HTTP service in D-Link G416 wireless routers. This can be exploited by a remote attacker to execute arbitrary code on the affected device. The vulnerability exists due to the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. The specific flaw exists within the HTTP service listening on TCP port 80. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue is related to a lack of proper validation of user-supplied strings before executing system calls, allowing network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. No authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80, and an attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue exists due to the lack of proper validation of a user-supplied string before using it to execute a system call in the HTTP service listening on TCP port 80. This allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers with root privileges by sending a specially crafted HTTP request. Authentication is not required to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue is related to a command injection vulnerability in the nodered chmod function of the D-Link G416 router's firmware. This vulnerability can be exploited by a remote attacker to execute arbitrary code by connecting to TCP port 80. The problem arises from the lack of proper validation of a user-supplied string before using it to execute a system call, allowing an attacker to execute code in the context of root. No authentication is required to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue is related to the awsfile chmod function in the D-Link G416 router's firmware, which does not properly neutralize special elements used in an operating system command. This allows a remote attacker to execute arbitrary code by connecting to TCP port 80. The specific flaw exists within the HTTP service listening on TCP port 80, due to the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** The issue is related to a command injection vulnerability in the flupl pythonmodules of D-Link G416 wireless routers. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations. The specific flaw exists within the HTTP service listening on TCP port 80, due to the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link G416 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.