CVE-2025-52264 in Artemis AC Charger 7-22 kW
Summary
by MITRE • 10/27/2025
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a stack overflow via the cgiMain function at download.cgi.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 10/27/2025
The StarCharge Artemis AC Charger 7-22 kW model running firmware version 1.0.4 presents a critical stack overflow vulnerability through its web interface implementation. This device operates as a charging station for electric vehicles and exposes a web server interface to facilitate configuration and monitoring functions. The vulnerability manifests within the cgiMain function located in the download.cgi component, which processes incoming HTTP requests without adequate input validation or buffer size checks. When an attacker crafts a malicious HTTP request containing oversized data to the download.cgi endpoint, the application fails to properly handle the input length, resulting in a stack buffer overflow condition that can lead to arbitrary code execution or system crash.
This vulnerability falls under the CWE-121 stack-based buffer overflow category, specifically affecting the web application layer of the device's embedded operating system. The attack surface is particularly concerning as it exposes the device's web interface to remote exploitation without requiring authentication. The cgiMain function serves as a critical entry point for various download operations including firmware updates, configuration file transfers, and system diagnostics. The lack of proper bounds checking in this function creates a pathway for attackers to overwrite adjacent memory locations on the stack, potentially allowing them to manipulate program execution flow. The stack overflow condition can be triggered through various HTTP methods including GET and POST requests that are processed by the download.cgi handler.
The operational impact of this vulnerability extends beyond simple system instability to encompass full system compromise and potential denial of service conditions. An attacker who successfully exploits this vulnerability could gain unauthorized access to the charging station's internal systems, potentially enabling them to modify charging parameters, access sensitive configuration data, or even disrupt charging operations for electric vehicle users. The device's role in managing electric vehicle charging infrastructure makes this vulnerability particularly dangerous from a cybersecurity perspective, as it could be exploited to create service interruptions or potentially compromise the safety systems of the charging station. The vulnerability affects the device's ability to maintain secure communication channels and could allow attackers to establish persistent access points for further reconnaissance or lateral movement within connected networks.
Mitigation strategies for this vulnerability should include immediate firmware updates from the vendor to address the buffer overflow condition in the download.cgi component. Network segmentation and access control measures should be implemented to limit exposure of the device's web interface to trusted networks only, reducing the attack surface available to potential adversaries. Regular security audits of embedded systems and web applications should be conducted to identify similar buffer overflow conditions that may exist in other components of the charging infrastructure. The vulnerability highlights the importance of implementing robust input validation and memory management practices in embedded web applications, aligning with industry standards such as the OWASP Top Ten and NIST Cybersecurity Framework. Organizations should also consider implementing intrusion detection systems to monitor for suspicious traffic patterns targeting the device's web interface, as well as establishing incident response procedures for handling potential exploitation attempts. The vulnerability demonstrates the critical need for secure coding practices in embedded systems and the importance of conducting thorough security testing before deploying devices in operational environments.