CVE-2024-44843

Published: Apr 15, 2025

Modified: Apr 16, 2025

PUBLISHED

Description

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCPP requests.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/steve-community/steve/issues/1546

https://github.com/steve-community/steve/blob/master/src/main/java/de/rwth/idsg/steve/ocpp/ws/OcppWebSocketHandshakeHandler.java

https://gist.github.com/Badranh/94359664799db6d4709871f0c353f476

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-44843

Description

Affected Products

References