| タイトル | Besen EV Charging Station BS20 EV Charger Insufficiently Protected Credentials |
|---|
| 説明 | Finding 2: Cleartext Credential Exposure via BLE and UDP in Besen Home EV Charging Station
The Besen Home EV Charging Station exposes user credentials in plaintext over UDP and also BLE. Operations such as password change reveals both old and new passwords in plaintext.
The plaintext password is also observed to be frequently broadcasted via UDP, making them observable to any attacker on the same local network.
Successful exploitation may lead to unauthorized access and control of the device. |
|---|
| ソース | ⚠️ https://github.com/carfeii/besen/ |
|---|
| ユーザー | carfeii (UID 97470) |
|---|
| 送信 | 2026年04月26日 18:05 (1 月 ago) |
|---|
| モデレーション | 2026年05月24日 08:19 (28 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 365376 [Besen BS20 EV Charging Station 迄 20260426 BLE/UDP 情報漏えい] |
|---|
| ポイント | 20 |
|---|