Iocharger — Vulnerabilities & Security Advisories (16)

Browse all 16 CVE security advisories affecting Iocharger. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Iocharger serves as an industrial IoT charging management platform for electric vehicle infrastructure. Historically, it has been vulnerable to multiple remote code execution, cross-site scripting, and privilege escalation flaws, with 16 CVEs documented. These vulnerabilities often stem from insufficient input validation and insecure default configurations. The platform's exposure to public networks has made it a target for attackers seeking to disrupt critical infrastructure. While no major public incidents have been widely reported, the consistent discovery of severe vulnerabilities in Iocharger highlights ongoing security challenges in industrial IoT deployments, particularly concerning remote access and firmware update mechanisms.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-43658 | Using the <redacted> action or <redacted>.sh script, arbitrary files and directories can be deleted using directory traversal. — Iocharger firmware for AC models | CWE-27 | 8.1 | - | 2025-01-09 |
| CVE-2024-43661 | Buffer overflow in <redacted>.so leads to DoS of OCPP service — Iocharger firmware for AC models | CWE-121 | 7.4 | - | 2025-01-09 |
| CVE-2024-43654 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43653 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43649 | Authenticated command injection via <redacted>.exe <redacted> parameter — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43651 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43660 | Arbitrary file download using <redacted>.sh — Iocharger firmware for AC models | CWE-552 | 7.5 | - | 2025-01-09 |
| CVE-2024-43648 | Authenticated command injection via <redacted>.exe <redacted> parameter — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43657 | When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station. — Iocharger firmware for AC models | CWE-78 | 7.8 | - | 2025-01-09 |
| CVE-2024-43662 | Authenticated arbitrary file upload to /tmp/ and /tmp/upload/ — Iocharger firmware for AC models | CWE-434 | 7.0 | - | 2025-01-09 |
| CVE-2024-43656 | A backup can be manipulated and then restored to create arbitrary files inside the <redacted> directory. A CGI script can be added to the web directory this way, allowing for full remote code execution. — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43663 | Buffer overflow vulnerabilities in CGI scripts lead to segfault — Iocharger firmware for AC models | CWE-121 | 9.1 | - | 2025-01-09 |
| CVE-2024-43652 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station — Iocharger firmware for AC chargers | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43650 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station — Iocharger firmware for AC models | CWE-78 | 8.8 | - | 2025-01-09 |
| CVE-2024-43659 | Plaintext default credentials in firmware — Iocharger firmware for AC models | CWE-256 | 6.8 | - | 2025-01-09 |
| CVE-2024-43655 | Any authenticated users can execute OS commands as root using the <redacted>.sh CGI script. — Iocharger firmware for AC models | CWE-78 | 6.6 | - | 2025-01-09 |

This page lists every published CVE security advisory associated with Iocharger. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.