Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Enel X — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting Enel X. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Enel X provides energy management and electric vehicle charging solutions, with its core use case involving smart grid technologies and IoT infrastructure. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from web application misconfigurations and insecure API endpoints. The organization has faced scrutiny for security lapses in its charging station management systems, with multiple CVEs documenting authentication bypass flaws and insecure data transmission. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities in web interfaces and communication protocols suggests ongoing challenges in securing their expanding IoT ecosystem.

Top products by Enel X: JuiceBox Pro 3.0 22kW Cellular JuiceBox 40
CVE IDTitleCVSSSeverityPublished
CVE-2026-0778 Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability — JuiceBox 40CWE-306 8.8 -2026-01-23
CVE-2023-29126 Insecure loose comparison in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-1287 4.2 Medium2024-11-05
CVE-2023-29125 Heap overflow in CM_main.exe binary in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-122 9.0 Critical2024-11-05
CVE-2023-29122 Incorrect file ownership of privileged service's libraries in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-708 6.7 Medium2024-11-05
CVE-2023-29121 Exposed TCF agent service in Enel X Juicebox — JuiceBox Pro 3.0 22kW CellularCWE-284 9.6 Critical2024-11-05
CVE-2023-29120 Unauthorized Remote Command Execution in Enel X Juicebox — JuiceBox Pro 3.0 22kW CellularCWE-78 9.6 Critical2024-11-05
CVE-2023-29119 Unauthorized SQLite Injection — JuiceBox Pro 3.0 22kW CellularCWE-89 9.6 Critical2024-11-05
CVE-2023-29118 Unauthorized SQLite Injection in Enel X Juicebox — JuiceBox Pro 3.0 22kW CellularCWE-89 9.6 Critical2024-11-05
CVE-2023-29117 Authentication Bypass in JuiceBox Web Manager interface — JuiceBox Pro 3.0 22kW CellularCWE-287 8.8 High2024-11-05
CVE-2023-29116 PHP Information Disclosure in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-200 4.3 Medium2024-11-05
CVE-2023-29115 Denial of Service via Web Management interface in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-284 6.5 Medium2024-11-05
CVE-2023-29114 Unauthorized System Log Disclosure in Enel X JuiceBox — JuiceBox Pro 3.0 22kW CellularCWE-200 5.7 Medium2024-11-05

This page lists every published CVE security advisory associated with Enel X. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.