CVE-2023-46359

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 6, 2024

Updated: Feb 13, 2024

CWE ID 78

Summary

CVE-2023-46359 is a newly disclosed OS command injection vulnerability that affects the Hardy Barth cPH2 eCharge Ladestation version 1.87.0 and earlier. An attacker can exploit this vulnerability by sending specifically crafted arguments to the connectivity check feature, allowing them to execute arbitrary commands on the system without authentication. This issue poses a significant risk as it can be exploited remotely, potentially leading to serious consequences such as data theft or system compromise. Users are strongly advised to update their software to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tGo3sr
https://www.cve.org/CVERecord?id=CVE-2023-46359
https://nvd.nist.gov/vuln/detail/CVE-2023-46359

Back to Vulnerability Database

CVE-2023-46359

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations