CVE-2025-5873

Name of the Vulnerable Software and Affected Versions eCharge Hardy Barth Salia PLCC version 2.2.0

Description A critical issue affects the Web UI component, specifically the /firmware.php file, allowing for unrestricted upload by manipulating the media argument. This can be initiated remotely. The issue has been publicly disclosed, and the vendor was notified but did not respond.

Recommendations For eCharge Hardy Barth Salia PLCC version 2.2.0, as a temporary workaround, consider restricting access to the /firmware.php file to minimize the risk of exploitation. Avoid using the media argument in the affected Web UI component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.