CVE-2023-46359: OS Command Injection
First published: Tue Feb 06 2024(Updated: )
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| eCharge Hardy Barth cPH2 | ||
| eCharge Hardy Barth cPH2 | <=1.87.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-46359?
CVE-2023-46359 has been rated as a high-severity vulnerability due to the potential for unauthenticated remote command execution.
How do I fix CVE-2023-46359?
To mitigate CVE-2023-46359, update the Hardy Barth cPH2 eCharge Ladestation firmware to version 1.87.1 or later.
Who is affected by CVE-2023-46359?
CVE-2023-46359 affects users of Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier.
What type of vulnerability is CVE-2023-46359?
CVE-2023-46359 is classified as an OS command injection vulnerability.
How can CVE-2023-46359 be exploited?
CVE-2023-46359 can be exploited by sending specially crafted arguments to the connectivity check feature, allowing command execution.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/severity
- agent/softwarecombine
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/hardy-barth
- canonical/echarge hardy barth cph2
- version/echarge hardy barth cph2/1.87.0