Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Salia PLCC by eCharge Hardy Barth

    CVE-2025-10371 (GCVE-0-2025-10371)

    Vulnerability from nvd – Published: 2025-09-13 17:32 – Updated: 2026-01-09 00:12
    VLAI
    Title
    eCharge Hardy Barth Salia PLCC api.php unrestricted upload
    Summary
    A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    eCharge Hardy Barth Salia PLCC Affected: 2.3.0
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.4
    Affected: 2.3.5
    Affected: 2.3.6
    Affected: 2.3.7
    Affected: 2.3.8
    Affected: 2.3.9
    Affected: 2.3.10
    Affected: 2.3.11
    Affected: 2.3.12
    Affected: 2.3.13
    Affected: 2.3.14
    Affected: 2.3.15
    Affected: 2.3.16
    Affected: 2.3.17
    Affected: 2.3.18
    Affected: 2.3.19
    Affected: 2.3.20
    Affected: 2.3.21
    Affected: 2.3.22
    Affected: 2.3.23
    Affected: 2.3.24
    Affected: 2.3.25
    Affected: 2.3.26
    Affected: 2.3.27
    Affected: 2.3.28
    Affected: 2.3.29
    Affected: 2.3.30
    Affected: 2.3.31
    Affected: 2.3.32
    Affected: 2.3.33
    Affected: 2.3.34
    Affected: 2.3.35
    Affected: 2.3.36
    Affected: 2.3.37
    Affected: 2.3.38
    Affected: 2.3.39
    Affected: 2.3.40
    Affected: 2.3.41
    Affected: 2.3.42
    Affected: 2.3.43
    Affected: 2.3.44
    Affected: 2.3.45
    Affected: 2.3.46
    Affected: 2.3.47
    Affected: 2.3.48
    Affected: 2.3.49
    Affected: 2.3.50
    Affected: 2.3.51
    Affected: 2.3.52
    Affected: 2.3.53
    Affected: 2.3.54
    Affected: 2.3.55
    Affected: 2.3.56
    Affected: 2.3.57
    Affected: 2.3.58
    Affected: 2.3.59
    Affected: 2.3.60
    Affected: 2.3.61
    Affected: 2.3.62
    Affected: 2.3.63
    Affected: 2.3.64
    Affected: 2.3.65
    Affected: 2.3.66
    Affected: 2.3.67
    Affected: 2.3.68
    Affected: 2.3.69
    Affected: 2.3.70
    Affected: 2.3.71
    Affected: 2.3.72
    Affected: 2.3.73
    Affected: 2.3.74
    Affected: 2.3.75
    Affected: 2.3.76
    Affected: 2.3.77
    Affected: 2.3.78
    Affected: 2.3.79
    Affected: 2.3.80
    Affected: 2.3.81
    Create a notification for this product.
    Credits
    XU-17 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10371",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-15T15:39:44.052956Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-15T15:39:52.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Salia PLCC",
              "vendor": "eCharge Hardy Barth",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3.0"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.3.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.7"
                },
                {
                  "status": "affected",
                  "version": "2.3.8"
                },
                {
                  "status": "affected",
                  "version": "2.3.9"
                },
                {
                  "status": "affected",
                  "version": "2.3.10"
                },
                {
                  "status": "affected",
                  "version": "2.3.11"
                },
                {
                  "status": "affected",
                  "version": "2.3.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.13"
                },
                {
                  "status": "affected",
                  "version": "2.3.14"
                },
                {
                  "status": "affected",
                  "version": "2.3.15"
                },
                {
                  "status": "affected",
                  "version": "2.3.16"
                },
                {
                  "status": "affected",
                  "version": "2.3.17"
                },
                {
                  "status": "affected",
                  "version": "2.3.18"
                },
                {
                  "status": "affected",
                  "version": "2.3.19"
                },
                {
                  "status": "affected",
                  "version": "2.3.20"
                },
                {
                  "status": "affected",
                  "version": "2.3.21"
                },
                {
                  "status": "affected",
                  "version": "2.3.22"
                },
                {
                  "status": "affected",
                  "version": "2.3.23"
                },
                {
                  "status": "affected",
                  "version": "2.3.24"
                },
                {
                  "status": "affected",
                  "version": "2.3.25"
                },
                {
                  "status": "affected",
                  "version": "2.3.26"
                },
                {
                  "status": "affected",
                  "version": "2.3.27"
                },
                {
                  "status": "affected",
                  "version": "2.3.28"
                },
                {
                  "status": "affected",
                  "version": "2.3.29"
                },
                {
                  "status": "affected",
                  "version": "2.3.30"
                },
                {
                  "status": "affected",
                  "version": "2.3.31"
                },
                {
                  "status": "affected",
                  "version": "2.3.32"
                },
                {
                  "status": "affected",
                  "version": "2.3.33"
                },
                {
                  "status": "affected",
                  "version": "2.3.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.35"
                },
                {
                  "status": "affected",
                  "version": "2.3.36"
                },
                {
                  "status": "affected",
                  "version": "2.3.37"
                },
                {
                  "status": "affected",
                  "version": "2.3.38"
                },
                {
                  "status": "affected",
                  "version": "2.3.39"
                },
                {
                  "status": "affected",
                  "version": "2.3.40"
                },
                {
                  "status": "affected",
                  "version": "2.3.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.42"
                },
                {
                  "status": "affected",
                  "version": "2.3.43"
                },
                {
                  "status": "affected",
                  "version": "2.3.44"
                },
                {
                  "status": "affected",
                  "version": "2.3.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.46"
                },
                {
                  "status": "affected",
                  "version": "2.3.47"
                },
                {
                  "status": "affected",
                  "version": "2.3.48"
                },
                {
                  "status": "affected",
                  "version": "2.3.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.53"
                },
                {
                  "status": "affected",
                  "version": "2.3.54"
                },
                {
                  "status": "affected",
                  "version": "2.3.55"
                },
                {
                  "status": "affected",
                  "version": "2.3.56"
                },
                {
                  "status": "affected",
                  "version": "2.3.57"
                },
                {
                  "status": "affected",
                  "version": "2.3.58"
                },
                {
                  "status": "affected",
                  "version": "2.3.59"
                },
                {
                  "status": "affected",
                  "version": "2.3.60"
                },
                {
                  "status": "affected",
                  "version": "2.3.61"
                },
                {
                  "status": "affected",
                  "version": "2.3.62"
                },
                {
                  "status": "affected",
                  "version": "2.3.63"
                },
                {
                  "status": "affected",
                  "version": "2.3.64"
                },
                {
                  "status": "affected",
                  "version": "2.3.65"
                },
                {
                  "status": "affected",
                  "version": "2.3.66"
                },
                {
                  "status": "affected",
                  "version": "2.3.67"
                },
                {
                  "status": "affected",
                  "version": "2.3.68"
                },
                {
                  "status": "affected",
                  "version": "2.3.69"
                },
                {
                  "status": "affected",
                  "version": "2.3.70"
                },
                {
                  "status": "affected",
                  "version": "2.3.71"
                },
                {
                  "status": "affected",
                  "version": "2.3.72"
                },
                {
                  "status": "affected",
                  "version": "2.3.73"
                },
                {
                  "status": "affected",
                  "version": "2.3.74"
                },
                {
                  "status": "affected",
                  "version": "2.3.75"
                },
                {
                  "status": "affected",
                  "version": "2.3.76"
                },
                {
                  "status": "affected",
                  "version": "2.3.77"
                },
                {
                  "status": "affected",
                  "version": "2.3.78"
                },
                {
                  "status": "affected",
                  "version": "2.3.79"
                },
                {
                  "status": "affected",
                  "version": "2.3.80"
                },
                {
                  "status": "affected",
                  "version": "2.3.81"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "XU-17 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-09T00:12:33.151Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-323779 | eCharge Hardy Barth Salia PLCC api.php unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.323779"
            },
            {
              "name": "VDB-323779 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.323779"
            },
            {
              "name": "Submit #643535 | echarge Salia PLCC 2.2.0 Unauthorized File-Write",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.643535"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/file-write-api.php.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/file-write-api.php.md#poc"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-01-09T01:16:29.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "eCharge Hardy Barth Salia PLCC api.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10371",
        "datePublished": "2025-09-13T17:32:06.472Z",
        "dateReserved": "2025-09-12T14:04:45.082Z",
        "dateUpdated": "2026-01-09T00:12:33.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5873 (GCVE-0-2025-5873)

    Vulnerability from nvd – Published: 2025-06-09 10:31 – Updated: 2026-01-09 00:12
    VLAI
    Title
    eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload
    Summary
    A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.311632 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.311632 signaturepermissions-required
    https://vuldb.com/?submit.585733 third-party-advisory
    https://github.com/YZS17/CVE/blob/main/Salia_PLCC… exploit
    Impacted products
    Vendor Product Version
    eCharge Hardy Barth Salia PLCC Affected: 2.3.0
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.4
    Affected: 2.3.5
    Affected: 2.3.6
    Affected: 2.3.7
    Affected: 2.3.8
    Affected: 2.3.9
    Affected: 2.3.10
    Affected: 2.3.11
    Affected: 2.3.12
    Affected: 2.3.13
    Affected: 2.3.14
    Affected: 2.3.15
    Affected: 2.3.16
    Affected: 2.3.17
    Affected: 2.3.18
    Affected: 2.3.19
    Affected: 2.3.20
    Affected: 2.3.21
    Affected: 2.3.22
    Affected: 2.3.23
    Affected: 2.3.24
    Affected: 2.3.25
    Affected: 2.3.26
    Affected: 2.3.27
    Affected: 2.3.28
    Affected: 2.3.29
    Affected: 2.3.30
    Affected: 2.3.31
    Affected: 2.3.32
    Affected: 2.3.33
    Affected: 2.3.34
    Affected: 2.3.35
    Affected: 2.3.36
    Affected: 2.3.37
    Affected: 2.3.38
    Affected: 2.3.39
    Affected: 2.3.40
    Affected: 2.3.41
    Affected: 2.3.42
    Affected: 2.3.43
    Affected: 2.3.44
    Affected: 2.3.45
    Affected: 2.3.46
    Affected: 2.3.47
    Affected: 2.3.48
    Affected: 2.3.49
    Affected: 2.3.50
    Affected: 2.3.51
    Affected: 2.3.52
    Affected: 2.3.53
    Affected: 2.3.54
    Affected: 2.3.55
    Affected: 2.3.56
    Affected: 2.3.57
    Affected: 2.3.58
    Affected: 2.3.59
    Affected: 2.3.60
    Affected: 2.3.61
    Affected: 2.3.62
    Affected: 2.3.63
    Affected: 2.3.64
    Affected: 2.3.65
    Affected: 2.3.66
    Affected: 2.3.67
    Affected: 2.3.68
    Affected: 2.3.69
    Affected: 2.3.70
    Affected: 2.3.71
    Affected: 2.3.72
    Affected: 2.3.73
    Affected: 2.3.74
    Affected: 2.3.75
    Affected: 2.3.76
    Affected: 2.3.77
    Affected: 2.3.78
    Affected: 2.3.79
    Affected: 2.3.80
    Affected: 2.3.81
    Create a notification for this product.
    Credits
    XU17 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5873",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-09T17:47:53.089620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-09T17:48:02.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Web UI"
              ],
              "product": "Salia PLCC",
              "vendor": "eCharge Hardy Barth",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3.0"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.3.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.7"
                },
                {
                  "status": "affected",
                  "version": "2.3.8"
                },
                {
                  "status": "affected",
                  "version": "2.3.9"
                },
                {
                  "status": "affected",
                  "version": "2.3.10"
                },
                {
                  "status": "affected",
                  "version": "2.3.11"
                },
                {
                  "status": "affected",
                  "version": "2.3.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.13"
                },
                {
                  "status": "affected",
                  "version": "2.3.14"
                },
                {
                  "status": "affected",
                  "version": "2.3.15"
                },
                {
                  "status": "affected",
                  "version": "2.3.16"
                },
                {
                  "status": "affected",
                  "version": "2.3.17"
                },
                {
                  "status": "affected",
                  "version": "2.3.18"
                },
                {
                  "status": "affected",
                  "version": "2.3.19"
                },
                {
                  "status": "affected",
                  "version": "2.3.20"
                },
                {
                  "status": "affected",
                  "version": "2.3.21"
                },
                {
                  "status": "affected",
                  "version": "2.3.22"
                },
                {
                  "status": "affected",
                  "version": "2.3.23"
                },
                {
                  "status": "affected",
                  "version": "2.3.24"
                },
                {
                  "status": "affected",
                  "version": "2.3.25"
                },
                {
                  "status": "affected",
                  "version": "2.3.26"
                },
                {
                  "status": "affected",
                  "version": "2.3.27"
                },
                {
                  "status": "affected",
                  "version": "2.3.28"
                },
                {
                  "status": "affected",
                  "version": "2.3.29"
                },
                {
                  "status": "affected",
                  "version": "2.3.30"
                },
                {
                  "status": "affected",
                  "version": "2.3.31"
                },
                {
                  "status": "affected",
                  "version": "2.3.32"
                },
                {
                  "status": "affected",
                  "version": "2.3.33"
                },
                {
                  "status": "affected",
                  "version": "2.3.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.35"
                },
                {
                  "status": "affected",
                  "version": "2.3.36"
                },
                {
                  "status": "affected",
                  "version": "2.3.37"
                },
                {
                  "status": "affected",
                  "version": "2.3.38"
                },
                {
                  "status": "affected",
                  "version": "2.3.39"
                },
                {
                  "status": "affected",
                  "version": "2.3.40"
                },
                {
                  "status": "affected",
                  "version": "2.3.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.42"
                },
                {
                  "status": "affected",
                  "version": "2.3.43"
                },
                {
                  "status": "affected",
                  "version": "2.3.44"
                },
                {
                  "status": "affected",
                  "version": "2.3.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.46"
                },
                {
                  "status": "affected",
                  "version": "2.3.47"
                },
                {
                  "status": "affected",
                  "version": "2.3.48"
                },
                {
                  "status": "affected",
                  "version": "2.3.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.53"
                },
                {
                  "status": "affected",
                  "version": "2.3.54"
                },
                {
                  "status": "affected",
                  "version": "2.3.55"
                },
                {
                  "status": "affected",
                  "version": "2.3.56"
                },
                {
                  "status": "affected",
                  "version": "2.3.57"
                },
                {
                  "status": "affected",
                  "version": "2.3.58"
                },
                {
                  "status": "affected",
                  "version": "2.3.59"
                },
                {
                  "status": "affected",
                  "version": "2.3.60"
                },
                {
                  "status": "affected",
                  "version": "2.3.61"
                },
                {
                  "status": "affected",
                  "version": "2.3.62"
                },
                {
                  "status": "affected",
                  "version": "2.3.63"
                },
                {
                  "status": "affected",
                  "version": "2.3.64"
                },
                {
                  "status": "affected",
                  "version": "2.3.65"
                },
                {
                  "status": "affected",
                  "version": "2.3.66"
                },
                {
                  "status": "affected",
                  "version": "2.3.67"
                },
                {
                  "status": "affected",
                  "version": "2.3.68"
                },
                {
                  "status": "affected",
                  "version": "2.3.69"
                },
                {
                  "status": "affected",
                  "version": "2.3.70"
                },
                {
                  "status": "affected",
                  "version": "2.3.71"
                },
                {
                  "status": "affected",
                  "version": "2.3.72"
                },
                {
                  "status": "affected",
                  "version": "2.3.73"
                },
                {
                  "status": "affected",
                  "version": "2.3.74"
                },
                {
                  "status": "affected",
                  "version": "2.3.75"
                },
                {
                  "status": "affected",
                  "version": "2.3.76"
                },
                {
                  "status": "affected",
                  "version": "2.3.77"
                },
                {
                  "status": "affected",
                  "version": "2.3.78"
                },
                {
                  "status": "affected",
                  "version": "2.3.79"
                },
                {
                  "status": "affected",
                  "version": "2.3.80"
                },
                {
                  "status": "affected",
                  "version": "2.3.81"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "XU17 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-09T00:12:30.422Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-311632 | eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.311632"
            },
            {
              "name": "VDB-311632 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.311632"
            },
            {
              "name": "Submit #585733 | Salia PLCC Salia PLCC Slave  v2.2.0",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.585733"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/Salia_PLCC_Slave_v2.2.0_File_Upload.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-08T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-01-09T01:16:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-5873",
        "datePublished": "2025-06-09T10:31:04.727Z",
        "dateReserved": "2025-06-08T17:49:54.645Z",
        "dateUpdated": "2026-01-09T00:12:30.422Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10371 (GCVE-0-2025-10371)

    Vulnerability from cvelistv5 – Published: 2025-09-13 17:32 – Updated: 2026-01-09 00:12
    VLAI
    Title
    eCharge Hardy Barth Salia PLCC api.php unrestricted upload
    Summary
    A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    eCharge Hardy Barth Salia PLCC Affected: 2.3.0
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.4
    Affected: 2.3.5
    Affected: 2.3.6
    Affected: 2.3.7
    Affected: 2.3.8
    Affected: 2.3.9
    Affected: 2.3.10
    Affected: 2.3.11
    Affected: 2.3.12
    Affected: 2.3.13
    Affected: 2.3.14
    Affected: 2.3.15
    Affected: 2.3.16
    Affected: 2.3.17
    Affected: 2.3.18
    Affected: 2.3.19
    Affected: 2.3.20
    Affected: 2.3.21
    Affected: 2.3.22
    Affected: 2.3.23
    Affected: 2.3.24
    Affected: 2.3.25
    Affected: 2.3.26
    Affected: 2.3.27
    Affected: 2.3.28
    Affected: 2.3.29
    Affected: 2.3.30
    Affected: 2.3.31
    Affected: 2.3.32
    Affected: 2.3.33
    Affected: 2.3.34
    Affected: 2.3.35
    Affected: 2.3.36
    Affected: 2.3.37
    Affected: 2.3.38
    Affected: 2.3.39
    Affected: 2.3.40
    Affected: 2.3.41
    Affected: 2.3.42
    Affected: 2.3.43
    Affected: 2.3.44
    Affected: 2.3.45
    Affected: 2.3.46
    Affected: 2.3.47
    Affected: 2.3.48
    Affected: 2.3.49
    Affected: 2.3.50
    Affected: 2.3.51
    Affected: 2.3.52
    Affected: 2.3.53
    Affected: 2.3.54
    Affected: 2.3.55
    Affected: 2.3.56
    Affected: 2.3.57
    Affected: 2.3.58
    Affected: 2.3.59
    Affected: 2.3.60
    Affected: 2.3.61
    Affected: 2.3.62
    Affected: 2.3.63
    Affected: 2.3.64
    Affected: 2.3.65
    Affected: 2.3.66
    Affected: 2.3.67
    Affected: 2.3.68
    Affected: 2.3.69
    Affected: 2.3.70
    Affected: 2.3.71
    Affected: 2.3.72
    Affected: 2.3.73
    Affected: 2.3.74
    Affected: 2.3.75
    Affected: 2.3.76
    Affected: 2.3.77
    Affected: 2.3.78
    Affected: 2.3.79
    Affected: 2.3.80
    Affected: 2.3.81
    Create a notification for this product.
    Credits
    XU-17 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10371",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-15T15:39:44.052956Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-15T15:39:52.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Salia PLCC",
              "vendor": "eCharge Hardy Barth",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3.0"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.3.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.7"
                },
                {
                  "status": "affected",
                  "version": "2.3.8"
                },
                {
                  "status": "affected",
                  "version": "2.3.9"
                },
                {
                  "status": "affected",
                  "version": "2.3.10"
                },
                {
                  "status": "affected",
                  "version": "2.3.11"
                },
                {
                  "status": "affected",
                  "version": "2.3.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.13"
                },
                {
                  "status": "affected",
                  "version": "2.3.14"
                },
                {
                  "status": "affected",
                  "version": "2.3.15"
                },
                {
                  "status": "affected",
                  "version": "2.3.16"
                },
                {
                  "status": "affected",
                  "version": "2.3.17"
                },
                {
                  "status": "affected",
                  "version": "2.3.18"
                },
                {
                  "status": "affected",
                  "version": "2.3.19"
                },
                {
                  "status": "affected",
                  "version": "2.3.20"
                },
                {
                  "status": "affected",
                  "version": "2.3.21"
                },
                {
                  "status": "affected",
                  "version": "2.3.22"
                },
                {
                  "status": "affected",
                  "version": "2.3.23"
                },
                {
                  "status": "affected",
                  "version": "2.3.24"
                },
                {
                  "status": "affected",
                  "version": "2.3.25"
                },
                {
                  "status": "affected",
                  "version": "2.3.26"
                },
                {
                  "status": "affected",
                  "version": "2.3.27"
                },
                {
                  "status": "affected",
                  "version": "2.3.28"
                },
                {
                  "status": "affected",
                  "version": "2.3.29"
                },
                {
                  "status": "affected",
                  "version": "2.3.30"
                },
                {
                  "status": "affected",
                  "version": "2.3.31"
                },
                {
                  "status": "affected",
                  "version": "2.3.32"
                },
                {
                  "status": "affected",
                  "version": "2.3.33"
                },
                {
                  "status": "affected",
                  "version": "2.3.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.35"
                },
                {
                  "status": "affected",
                  "version": "2.3.36"
                },
                {
                  "status": "affected",
                  "version": "2.3.37"
                },
                {
                  "status": "affected",
                  "version": "2.3.38"
                },
                {
                  "status": "affected",
                  "version": "2.3.39"
                },
                {
                  "status": "affected",
                  "version": "2.3.40"
                },
                {
                  "status": "affected",
                  "version": "2.3.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.42"
                },
                {
                  "status": "affected",
                  "version": "2.3.43"
                },
                {
                  "status": "affected",
                  "version": "2.3.44"
                },
                {
                  "status": "affected",
                  "version": "2.3.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.46"
                },
                {
                  "status": "affected",
                  "version": "2.3.47"
                },
                {
                  "status": "affected",
                  "version": "2.3.48"
                },
                {
                  "status": "affected",
                  "version": "2.3.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.53"
                },
                {
                  "status": "affected",
                  "version": "2.3.54"
                },
                {
                  "status": "affected",
                  "version": "2.3.55"
                },
                {
                  "status": "affected",
                  "version": "2.3.56"
                },
                {
                  "status": "affected",
                  "version": "2.3.57"
                },
                {
                  "status": "affected",
                  "version": "2.3.58"
                },
                {
                  "status": "affected",
                  "version": "2.3.59"
                },
                {
                  "status": "affected",
                  "version": "2.3.60"
                },
                {
                  "status": "affected",
                  "version": "2.3.61"
                },
                {
                  "status": "affected",
                  "version": "2.3.62"
                },
                {
                  "status": "affected",
                  "version": "2.3.63"
                },
                {
                  "status": "affected",
                  "version": "2.3.64"
                },
                {
                  "status": "affected",
                  "version": "2.3.65"
                },
                {
                  "status": "affected",
                  "version": "2.3.66"
                },
                {
                  "status": "affected",
                  "version": "2.3.67"
                },
                {
                  "status": "affected",
                  "version": "2.3.68"
                },
                {
                  "status": "affected",
                  "version": "2.3.69"
                },
                {
                  "status": "affected",
                  "version": "2.3.70"
                },
                {
                  "status": "affected",
                  "version": "2.3.71"
                },
                {
                  "status": "affected",
                  "version": "2.3.72"
                },
                {
                  "status": "affected",
                  "version": "2.3.73"
                },
                {
                  "status": "affected",
                  "version": "2.3.74"
                },
                {
                  "status": "affected",
                  "version": "2.3.75"
                },
                {
                  "status": "affected",
                  "version": "2.3.76"
                },
                {
                  "status": "affected",
                  "version": "2.3.77"
                },
                {
                  "status": "affected",
                  "version": "2.3.78"
                },
                {
                  "status": "affected",
                  "version": "2.3.79"
                },
                {
                  "status": "affected",
                  "version": "2.3.80"
                },
                {
                  "status": "affected",
                  "version": "2.3.81"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "XU-17 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-09T00:12:33.151Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-323779 | eCharge Hardy Barth Salia PLCC api.php unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.323779"
            },
            {
              "name": "VDB-323779 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.323779"
            },
            {
              "name": "Submit #643535 | echarge Salia PLCC 2.2.0 Unauthorized File-Write",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.643535"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/file-write-api.php.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/file-write-api.php.md#poc"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-01-09T01:16:29.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "eCharge Hardy Barth Salia PLCC api.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10371",
        "datePublished": "2025-09-13T17:32:06.472Z",
        "dateReserved": "2025-09-12T14:04:45.082Z",
        "dateUpdated": "2026-01-09T00:12:33.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5873 (GCVE-0-2025-5873)

    Vulnerability from cvelistv5 – Published: 2025-06-09 10:31 – Updated: 2026-01-09 00:12
    VLAI
    Title
    eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload
    Summary
    A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.311632 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.311632 signaturepermissions-required
    https://vuldb.com/?submit.585733 third-party-advisory
    https://github.com/YZS17/CVE/blob/main/Salia_PLCC… exploit
    Impacted products
    Vendor Product Version
    eCharge Hardy Barth Salia PLCC Affected: 2.3.0
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.4
    Affected: 2.3.5
    Affected: 2.3.6
    Affected: 2.3.7
    Affected: 2.3.8
    Affected: 2.3.9
    Affected: 2.3.10
    Affected: 2.3.11
    Affected: 2.3.12
    Affected: 2.3.13
    Affected: 2.3.14
    Affected: 2.3.15
    Affected: 2.3.16
    Affected: 2.3.17
    Affected: 2.3.18
    Affected: 2.3.19
    Affected: 2.3.20
    Affected: 2.3.21
    Affected: 2.3.22
    Affected: 2.3.23
    Affected: 2.3.24
    Affected: 2.3.25
    Affected: 2.3.26
    Affected: 2.3.27
    Affected: 2.3.28
    Affected: 2.3.29
    Affected: 2.3.30
    Affected: 2.3.31
    Affected: 2.3.32
    Affected: 2.3.33
    Affected: 2.3.34
    Affected: 2.3.35
    Affected: 2.3.36
    Affected: 2.3.37
    Affected: 2.3.38
    Affected: 2.3.39
    Affected: 2.3.40
    Affected: 2.3.41
    Affected: 2.3.42
    Affected: 2.3.43
    Affected: 2.3.44
    Affected: 2.3.45
    Affected: 2.3.46
    Affected: 2.3.47
    Affected: 2.3.48
    Affected: 2.3.49
    Affected: 2.3.50
    Affected: 2.3.51
    Affected: 2.3.52
    Affected: 2.3.53
    Affected: 2.3.54
    Affected: 2.3.55
    Affected: 2.3.56
    Affected: 2.3.57
    Affected: 2.3.58
    Affected: 2.3.59
    Affected: 2.3.60
    Affected: 2.3.61
    Affected: 2.3.62
    Affected: 2.3.63
    Affected: 2.3.64
    Affected: 2.3.65
    Affected: 2.3.66
    Affected: 2.3.67
    Affected: 2.3.68
    Affected: 2.3.69
    Affected: 2.3.70
    Affected: 2.3.71
    Affected: 2.3.72
    Affected: 2.3.73
    Affected: 2.3.74
    Affected: 2.3.75
    Affected: 2.3.76
    Affected: 2.3.77
    Affected: 2.3.78
    Affected: 2.3.79
    Affected: 2.3.80
    Affected: 2.3.81
    Create a notification for this product.
    Credits
    XU17 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5873",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-09T17:47:53.089620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-09T17:48:02.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Web UI"
              ],
              "product": "Salia PLCC",
              "vendor": "eCharge Hardy Barth",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.3.0"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.3.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.7"
                },
                {
                  "status": "affected",
                  "version": "2.3.8"
                },
                {
                  "status": "affected",
                  "version": "2.3.9"
                },
                {
                  "status": "affected",
                  "version": "2.3.10"
                },
                {
                  "status": "affected",
                  "version": "2.3.11"
                },
                {
                  "status": "affected",
                  "version": "2.3.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.13"
                },
                {
                  "status": "affected",
                  "version": "2.3.14"
                },
                {
                  "status": "affected",
                  "version": "2.3.15"
                },
                {
                  "status": "affected",
                  "version": "2.3.16"
                },
                {
                  "status": "affected",
                  "version": "2.3.17"
                },
                {
                  "status": "affected",
                  "version": "2.3.18"
                },
                {
                  "status": "affected",
                  "version": "2.3.19"
                },
                {
                  "status": "affected",
                  "version": "2.3.20"
                },
                {
                  "status": "affected",
                  "version": "2.3.21"
                },
                {
                  "status": "affected",
                  "version": "2.3.22"
                },
                {
                  "status": "affected",
                  "version": "2.3.23"
                },
                {
                  "status": "affected",
                  "version": "2.3.24"
                },
                {
                  "status": "affected",
                  "version": "2.3.25"
                },
                {
                  "status": "affected",
                  "version": "2.3.26"
                },
                {
                  "status": "affected",
                  "version": "2.3.27"
                },
                {
                  "status": "affected",
                  "version": "2.3.28"
                },
                {
                  "status": "affected",
                  "version": "2.3.29"
                },
                {
                  "status": "affected",
                  "version": "2.3.30"
                },
                {
                  "status": "affected",
                  "version": "2.3.31"
                },
                {
                  "status": "affected",
                  "version": "2.3.32"
                },
                {
                  "status": "affected",
                  "version": "2.3.33"
                },
                {
                  "status": "affected",
                  "version": "2.3.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.35"
                },
                {
                  "status": "affected",
                  "version": "2.3.36"
                },
                {
                  "status": "affected",
                  "version": "2.3.37"
                },
                {
                  "status": "affected",
                  "version": "2.3.38"
                },
                {
                  "status": "affected",
                  "version": "2.3.39"
                },
                {
                  "status": "affected",
                  "version": "2.3.40"
                },
                {
                  "status": "affected",
                  "version": "2.3.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.42"
                },
                {
                  "status": "affected",
                  "version": "2.3.43"
                },
                {
                  "status": "affected",
                  "version": "2.3.44"
                },
                {
                  "status": "affected",
                  "version": "2.3.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.46"
                },
                {
                  "status": "affected",
                  "version": "2.3.47"
                },
                {
                  "status": "affected",
                  "version": "2.3.48"
                },
                {
                  "status": "affected",
                  "version": "2.3.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.53"
                },
                {
                  "status": "affected",
                  "version": "2.3.54"
                },
                {
                  "status": "affected",
                  "version": "2.3.55"
                },
                {
                  "status": "affected",
                  "version": "2.3.56"
                },
                {
                  "status": "affected",
                  "version": "2.3.57"
                },
                {
                  "status": "affected",
                  "version": "2.3.58"
                },
                {
                  "status": "affected",
                  "version": "2.3.59"
                },
                {
                  "status": "affected",
                  "version": "2.3.60"
                },
                {
                  "status": "affected",
                  "version": "2.3.61"
                },
                {
                  "status": "affected",
                  "version": "2.3.62"
                },
                {
                  "status": "affected",
                  "version": "2.3.63"
                },
                {
                  "status": "affected",
                  "version": "2.3.64"
                },
                {
                  "status": "affected",
                  "version": "2.3.65"
                },
                {
                  "status": "affected",
                  "version": "2.3.66"
                },
                {
                  "status": "affected",
                  "version": "2.3.67"
                },
                {
                  "status": "affected",
                  "version": "2.3.68"
                },
                {
                  "status": "affected",
                  "version": "2.3.69"
                },
                {
                  "status": "affected",
                  "version": "2.3.70"
                },
                {
                  "status": "affected",
                  "version": "2.3.71"
                },
                {
                  "status": "affected",
                  "version": "2.3.72"
                },
                {
                  "status": "affected",
                  "version": "2.3.73"
                },
                {
                  "status": "affected",
                  "version": "2.3.74"
                },
                {
                  "status": "affected",
                  "version": "2.3.75"
                },
                {
                  "status": "affected",
                  "version": "2.3.76"
                },
                {
                  "status": "affected",
                  "version": "2.3.77"
                },
                {
                  "status": "affected",
                  "version": "2.3.78"
                },
                {
                  "status": "affected",
                  "version": "2.3.79"
                },
                {
                  "status": "affected",
                  "version": "2.3.80"
                },
                {
                  "status": "affected",
                  "version": "2.3.81"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "XU17 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-09T00:12:30.422Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-311632 | eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.311632"
            },
            {
              "name": "VDB-311632 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.311632"
            },
            {
              "name": "Submit #585733 | Salia PLCC Salia PLCC Slave  v2.2.0",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.585733"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/YZS17/CVE/blob/main/Salia_PLCC/Salia_PLCC_Slave_v2.2.0_File_Upload.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-08T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-01-09T01:16:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-5873",
        "datePublished": "2025-06-09T10:31:04.727Z",
        "dateReserved": "2025-06-08T17:49:54.645Z",
        "dateUpdated": "2026-01-09T00:12:30.422Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }