Alex Salvetti

**Name of the Vulnerable Software and Affected Versions** Circontrol Raption versions through 5.6.2 **Description** The pwrstudio web application of EV Charger is vulnerable to OS command injection via three fields of the configuration menu for `ntpserver0`, `ntpserver1`, and `pingip`. This issue affects Circontrol's Raption 150 DC chargers. To mitigate risks, ensure your systems are updated to the latest version. **Recommendations** For versions through 5.6.2, update to the latest version to mitigate risks. As a temporary workaround, consider restricting access to the configuration menu fields `ntpserver0`, `ntpserver1`, and `pingip` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Circontrol Raption versions 5.11.2 and earlier **Description** The issue is a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The ocpp1.5 and pwrstudio binaries on the charging station lack common exploitation mitigations, including stack canaries and the Position Independent Executable (PIE) format. **Recommendations** For Circontrol Raption versions 5.11.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.