HIGH🇬🇧 English

CVE-2025-6678

CVSS 7.5v3.0pub. 2025-06-25upd. 2025-09-10

Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Pile API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26352.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Autel Maxicharger Ac Elite Business C50

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Ac Elite Business C50 Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Ac Pro

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Ac Pro Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Ac Ultra

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Ac Ultra Firmware

    OS
    Autel
    < 1.56.51< 1.39.51
  • Autel Maxicharger Dc Compact Mobile

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Dc Compact Mobile Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Dc Compact Pedestal

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Dc Compact Pedestal Firmware

    OS
    Autel
    < 1.56.51< 1.39.51
  • Autel Maxicharger Dc Fast

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Dc Fast Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Dc Hipower

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Dc Hipower Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Dh480

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Dh480 Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
  • Autel Maxicharger Single Charger

    HW
    Autel
    wszystkie wersje
  • Autel Maxicharger Single Charger Firmware

    OS
    Autel
    < 1.39.51< 1.56.51
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-5825HIGH7.5ten sam produkt

Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerabi...

CVE-2025-5827HIGH8.8ten sam produkt

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Executio...

CVE-2025-5822HIGH8.8ten sam produkt

Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerabil...

CVE-2025-5824HIGH7.5ten sam produkt

Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability. This vuln...

CVE-2025-5830HIGH8.8ten sam produkt

Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vul...

CVE-2025-6678 — HIGH 7.5 | CVEbaza.pl