WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of management cards. The issue results from the lack of personalization of management cards. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26292.
History

Fri, 06 Jun 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Jun 2025 15:45:00 +0000

Type Values Removed Values Added
Description WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of management cards. The issue results from the lack of personalization of management cards. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26292.
Title WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability
Weaknesses CWE-798
References
Metrics cvssV3_0

{'score': 4.6, 'vector': 'CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published: 2025-06-06T15:29:51.274Z

Updated: 2025-06-06T15:54:40.568Z

Reserved: 2025-06-05T20:45:43.845Z

Link: CVE-2025-5751

cve-icon Vulnrichment

Updated: 2025-06-06T15:54:37.480Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-06-06T16:15:30.413

Modified: 2025-06-09T12:15:47.880

Link: CVE-2025-5751

cve-icon Redhat

No data.