PT-2023-8587 · Hardy Barth · Cph2 Echarge Ladestation
Ewen Coppens
·
Published
2023-12-14
·
Updated
2024-10-28
·
CVE-2023-46359
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier
Description
The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This may allow a remote attacker to execute arbitrary commands on the system via specifically crafted arguments passed to the connectivity check feature.
Recommendations
For versions 1.87.0 and earlier, as a temporary workaround, consider restricting access to the connectivity check feature until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cph2 Echarge Ladestation