CVE-2023-46359

CRITICAL NUCLEI

Hardy Barth cPH2 eCharge Ladestation <1.87.0 - Command Injection

Title source: llm

Description

An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.

Nuclei Templates (1)

cPH2 Charging Station v1.87.0 - OS Command Injection

CRITICALVERIFIEDby mlec

Shodan: html:"Salia PLCC"

References (2)

[Not Applicable] http://hardy.com

[Exploit] https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/

Scores

CVSS v3 9.8

EPSS 0.9296

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (1)

hardy-barth/cph2_echarge_firmware < 1.87.0

Published Feb 06, 2024

Tracked Since Feb 18, 2026