PT-2026-57676 · Evbee · Dc-80
Published
2026-07-13
·
Updated
2026-07-13
·
CVE-2026-22100
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
The OCPP DataTransfer message
ReserveLogin is vulnerable to command injection. By manipulating the data value, arbitrary OS commands can be executed as root.Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dc-80