{"vulnerability": "CVE-2024-4366", "sightings": [{"uuid": "c3216fd6-1ebf-45a4-b3bf-90b6c24251da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcah5gcd32e", "content": "", "creation_timestamp": "2025-01-09T08:17:01.273400Z"}, {"uuid": "61da2c5b-f852-4f86-baec-5c2293c51b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43660", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797527961406275", "content": "", "creation_timestamp": "2025-01-09T08:47:55.626147Z"}, {"uuid": "c831f28d-688e-4ef6-85e5-c7aa3c553fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43662", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797528009031838", "content": "", "creation_timestamp": "2025-01-09T08:47:56.256501Z"}, {"uuid": "f75293bf-6561-4e7d-b905-c68b41d7ac0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797528023051876", "content": "", "creation_timestamp": "2025-01-09T08:47:56.591197Z"}, {"uuid": "3a012b45-5201-4bfe-af2b-e5b216d0522f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43661", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797527995004670", "content": "", "creation_timestamp": "2025-01-09T08:47:56.761395Z"}, {"uuid": "15a59144-5ffa-496d-a851-031e8dbf6aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43660", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:09.089680Z"}, {"uuid": "3fd3ffdc-bc26-4903-b3d8-0fb335bf2ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43661", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:09.124220Z"}, {"uuid": "853d3c96-59d1-44ba-ac09-b53b38403139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43662", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:09.157363Z"}, {"uuid": "8aa1c4a5-712e-40dd-a851-21df3c12c5b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:09.192683Z"}, {"uuid": "4ed194f5-586b-4a2c-8e7e-fd11d41f411e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43660", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcagvjtvx27", "content": "", "creation_timestamp": "2025-01-09T08:16:52.930354Z"}, {"uuid": "b74a3d7a-925c-4edf-b53b-d5993fa90d28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43661", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcagxwjoi25", "content": "", "creation_timestamp": "2025-01-09T08:16:55.383172Z"}, {"uuid": "e43da81d-bd15-4911-a1a7-a78d4d785541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/913", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43663\n\ud83d\udd39 Description: There are many buffer overflow vulnerabilities present in several CGI binaries of the charging station.This issue affects Iocharger firmware for AC model chargers beforeversion 24120701.\n\nLikelihood: High \u2013 Given the prevalence of these buffer overflows, and the clear error message of the web server, an attacker is very likely to be able to find these vulnerabilities.\n\nImpact: Low \u2013 Usually, overflowing one of these buffers just causes a segmentation fault of the CGI binary, which causes the web server to return a 502 Bad Gateway error. However the webserver itself is not affected, and no DoS can be achieved. Abusing these buffer overflows in a meaningful way requires highly technical knowledge, especially since ASLR also seems to be enabled on the charging station. However, a skilled attacker might be able to use one of these buffer overflows to obtain remote code execution.\n\nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack has a small impact on the availability of the device (VC:N/VI:N/VA:L).  There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, we do not expect\u00a0 this vulnerability to have a safety impact. The attack can be automated (AU:Y).\n\ud83d\udccf Published: 2025-01-09T07:56:45.961Z\n\ud83d\udccf Modified: 2025-01-09T07:56:45.961Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/DIVD-2024-00035/\n2. https://csirt.divd.nl/CVE-2024-43663/\n3. https://iocharger.com", "creation_timestamp": "2025-01-09T08:16:37.000000Z"}, {"uuid": "0d991852-cd9d-4918-911b-82eb1a054688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43661", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799182581920046", "content": "", "creation_timestamp": "2025-01-09T15:48:43.069546Z"}, {"uuid": "f0296d40-890e-4340-9140-30065e0693f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799182636174913", "content": "", "creation_timestamp": "2025-01-09T15:48:44.083145Z"}, {"uuid": "0155849f-2932-4120-b4c8-b2fa66b62ff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcfb4qnda2h", "content": "", "creation_timestamp": "2025-01-09T09:43:07.918711Z"}, {"uuid": "c42e61aa-caf5-47dd-bba2-5556297ed026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43662", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcah3cda727", "content": "", "creation_timestamp": "2025-01-09T08:16:58.799561Z"}, {"uuid": "b14508d4-fbda-4c08-bd72-8424c01f6b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43661", "type": "seen", "source": "https://t.me/cvedetector/14806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43661 - \"Iocharger AC Firmware Buffer Overflow - CGI Binary/Script Remote Denial of Service\"\", \n  \"Content\": \"CVE ID : CVE-2024-43661 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : The .so library, which is used by , is  \nvulnerable to a buffer overflow in the code that handles the deletion  \nof certificates. This buffer overflow can be triggered by providing a  \nlong file path to the  action of the .exe CGI binary or  \nto the .sh CGI script. This binary or script will write this  \nfile path to , which is then  \nread by .so  \n  \n  \nThis issue affects Iocharger firmware for AC models before version 24120701.  \n  \nLikelihood: Moderate \u2013 An attacker will have to find this exploit by  \neither obtaining the binaries involved in this vulnerability, or by trial  \nand error. Furthermore, the attacker will need a (low privilege)  \naccount to gain access to the .exe CGI binary or .sh  \nscript to trigger the vulnerability, or convince a user with such access  \nsend an HTTP request that triggers it.  \n  \n  \nImpact: High \u2013 The  process, which we assume is  \nresponsible for OCPP communication, will keep crashing after  \nperforming the exploit. This happens because the buffer overflow  \ncauses the process to segfault before  \n is removed. This means that,  \neven though  is automatically restarted, it will crash  \nagain as soon as it tries to parse the text file.  \n  \nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack leads to reducred availability of the device (VC:N/VI:N/VA:H). THere is not impact on subsequent systems. (SC:N/SI:N/SA:N). Alltough this device is an EV charger handing significant amounts of power, we do not forsee a safety impact. The attack can be automated (AU:Y). Because the DoS condition is written to disk persistantly, it cannot be recovered by the user (R:I). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:13:50.000000Z"}, {"uuid": "5eea19e4-bfd3-4d14-9a80-0804a6b8ed9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43660", "type": "seen", "source": "https://t.me/cvedetector/14805", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43660 - Iocharger CGI File Read/Download Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43660 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : The CGI script .sh can be used to download any file on the filesystem.  \n  \nThis issue affects Iocharger firmware for AC model chargers beforeversion 24120701.  \n  \nLikelihood: High, but credentials required.  \n  \nImpact: Critical \u2013 The script can be used to download any file on the filesystem, including sensitive files such as /etc/shadow, the CGI script source code or binaries and configuration files.  \n  \nCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y  \nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The confidentiality of all files of the devicd can be compromised (VC:H/VI:N/VA:N).  There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, this attack in isolation does not have a safety impact. The attack can be automated (AU:Y). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:13:47.000000Z"}, {"uuid": "ab54a2b5-ffbb-4eed-9089-dc1d75f0fe68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43663", "type": "seen", "source": "https://t.me/cvedetector/14808", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43663 - \"Iocharger AC Model Charger CGI Buffer Overflow Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-43663 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : There are many buffer overflow vulnerabilities present in several CGI binaries of the charging station.This issue affects Iocharger firmware for AC model chargers beforeversion 24120701.  \n  \nLikelihood: High \u2013 Given the prevalence of these buffer overflows, and the clear error message of the web server, an attacker is very likely to be able to find these vulnerabilities.  \n  \nImpact: Low \u2013 Usually, overflowing one of these buffers just causes a segmentation fault of the CGI binary, which causes the web server to return a 502 Bad Gateway error. However the webserver itself is not affected, and no DoS can be achieved. Abusing these buffer overflows in a meaningful way requires highly technical knowledge, especially since ASLR also seems to be enabled on the charging station. However, a skilled attacker might be able to use one of these buffer overflows to obtain remote code execution.  \n  \nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack has a small impact on the availability of the device (VC:N/VI:N/VA:L).  There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, we do not expect\u00a0 this vulnerability to have a safety impact. The attack can be automated (AU:Y). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:13:52.000000Z"}, {"uuid": "8b11b60f-9f19-4cec-b761-55078a7dc663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43662", "type": "seen", "source": "https://t.me/cvedetector/14807", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43662 - Iocharger AC Models Arbitrary File Upload\", \n  \"Content\": \"CVE ID : CVE-2024-43662 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : The .exe or .exe CGI binary can be used to upload arbitrary files to /tmp/upload/ or /tmp/ respectively as any user, although the user interface for uploading files is only shown to the iocadmin user.  \n  \nThis issue affects Iocharger firmware for AC models before version 24120701.  \n  \nLikelihood: Moderate \u2013 An attacker will need to have knowledge of this CGI binary, e.g. by finding it in firmware. Furthermore, the attacker will need a (low privilege) account to gain access to the .exe or .exe CGI binary and upload the file, or convince a user with such access to upload it.  \n  \nImpact: Low \u2013 The attacker can upload arbitrary files to /tmp/upload/ or /tmp/. However, the attacker is unable to access or use these files without other vulnerabilities.  \n  \nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). Artitrary files can be uploaded, be these files will not be in a location where they can influence confidentiality or availability and have a minimal impact on device integrity (VC:N/VI:L/VA:N).  There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, we do not expect this vulnerability to have a safety impact. The attack can be automated (AU:Y). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:13:51.000000Z"}]}