WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of management cards. The issue results from the lack of personalization of management cards. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26292.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-25-330/ |
![]() ![]() |
History
Fri, 06 Jun 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 06 Jun 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of management cards. The issue results from the lack of personalization of management cards. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26292. | |
Title | WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability | |
Weaknesses | CWE-798 | |
References |
| |
Metrics |
cvssV3_0
|

Status: PUBLISHED
Assigner: zdi
Published: 2025-06-06T15:29:51.274Z
Updated: 2025-06-06T15:54:40.568Z
Reserved: 2025-06-05T20:45:43.845Z
Link: CVE-2025-5751

Updated: 2025-06-06T15:54:37.480Z

Status : Awaiting Analysis
Published: 2025-06-06T16:15:30.413
Modified: 2025-06-09T12:15:47.880
Link: CVE-2025-5751

No data.