CVE-2025-5748

Name of the Vulnerable Software and Affected Versions WOLFBOX Level 2 EV Charger (affected versions not specified)

Description This issue allows network-adjacent attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be bypassed. The flaw exists within the Tuya communications module software, resulting from the exposure of a method that allows the upload of crafted software images to the module. An attacker can leverage this issue to execute code in the context of the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.