CVE-2025-5826 in MaxiCharger AC Wallbox Commercialinfo

Zusammenfassung

von MITRE • 25.06.2025

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the ble_process_esp32_msg function. The issue results from misinterpretation of input data. An attacker can leverage this vulnerability to execute AT commands in the context of the device. Was ZDI-CAN-26368.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

06.06.2025

Veröffentlichung

25.06.2025

Moderieren

akzeptiert

Eintrag

VDB-312359

CPE

bereit

CWE

CWE-115 (bestätigt)

CVSS

6.3 (CNA)

EPSS

0.00073

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-5826
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-5826
CVE Details	https://www.cvedetails.com/cve/CVE-2025-5826/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!