exploitDog

GHSA-g2fr-wj73-rxrw

Опубликовано: 15 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCPP requests.

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCPP requests.

Ссылки

EPSS

Процентиль: 19%

0.00061

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2024-44843

CVSS3: 5.9

nvd

10 месяцев назад

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCPP requests.

EPSS

Процентиль: 19%

0.00061

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-287