CVE-2024-43652

Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station

CVE CVE-2024-43652
Title Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station
Case DIVD-2024-00035
Credits
Affected products
Product Affected Unaffected Unknown
Iocharger Iocharger firmware for AC chargers >= 0 to < 24120701 (custom)
everything else
CVSS
Base score 9.3 - CRITICAL
Attack Vector NETWORK
Attack Complexity> LOW
Attack Requirements NONE
Privileges Required LOW
Confidentiality Impact
Vulnerable system HIGH Subsequent systems LOW
Integrity Impact
Vulnerable system HIGH Subsequent systems LOW
Availability Impact
Vulnerable system HIGH Subsequent systems HIGH
Safety impact PRESENT
Automatable YES
Recovery USER
Value Density DIFFUSE
Vulnerability Response effort MODERATE
Provider Urgency NOT_DEFINED
References
Problem type(s)
Impact(s) CAPEC-88 OS Command Injection
Date published 09 Jan 2025 00:00 UTC
Last modified

Description

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root
This issue affects Iocharger firmware for AC model chargers before version 24120701

Likelihood: Moderate – The <redacted> binary does not seem to be used by the web interface, so it might be more difficult to find. It seems to be largely the same binary as used by the Iocharger Pedestal charging station, however. The attacker will also need a (low privilege) account to gain access to the <redacted> binary, or convince a user with such access to execute a crafted HTTP request.

Impact: Critical – The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and delete
files and services.

JSON version.