CVE-2023-46360
published 2024-02-06CVE-2023-46360: Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges.
PriorityP259high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
2.83%
84.9th percentile
Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hardy-barth | cph2_echarge_firmware | <= 1.87.0 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Shodan query to identify exposed Hardy Barth cPH2 charging stations: search for HTML containing 'Salia PLCC' ↗
- →Successful exploitation of the connectivity check endpoint returns the string 'SUCCESS' in the HTTP response body, along with the injected payload reflected back ↗
- →Out-of-band DNS callback via interactsh confirms RCE; monitor for DNS queries containing the output of 'whoami' as a subdomain, originating from the target device ↗
- →The vulnerability is exploited via a GET request to /connectioncheck.php with a crafted 'ip' parameter containing OS command injection payloads (e.g., shell metacharacters like &&) ↗
- ·CVE-2023-46360 is described as 'Execution with Unnecessary Privileges' (CWE-250/privilege-related), which is distinct from the OS command injection (CWE-78) described in the template for CVE-2023-46359. The two CVEs may require different detection approaches. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
cPH2 Charging Station v1.87.0 - OS Command Injection
nuclei·CVSS 9.8
CVE-2023-46359 [CRITICAL] cPH2 Charging Station v1.87.0 - OS Command Injection
cPH2 Charging Station v1.87.0 - OS Command Injection
An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.
Template:
id: CVE-2023-46359
info:
name: cPH2 Charging Station v1.87.0 - OS Command Injection
author: mlec
severity: critical
description: |
An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.
impact: |
Unauthenticated attackers can exploit OS command injection through the con
No writeups or analysis indexed.
2024-02-06
Published