CVE-2025-48416
HIGHeCharge Hardy Barth cPH2 / cPP2 charging stations - Unauthenticated Root Access via SSH Configuration Bypass
Title source: llmDescription
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be bypassed/changed by an attacker through multiple paths though.
References (2)
Core 2
Core References
Various Sources third-party-advisory
https://r.sec-consult.com/echarge
Mailing List
http://seclists.org/fulldisclosure/2025/May/23
Scores
CVSS v3
8.1
EPSS
0.0050
EPSS Percentile
38.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-912
Status
published
Products (1)
eCharge Hardy Barth/cPH2 / cPP2 charging stations
<=2.2.0
Published
May 21, 2025
Tracked Since
Feb 18, 2026