Back to search
CVE-2025-48416
Published: May 21, 2025
Modified: Nov 3, 2025
PUBLISHED
Description
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be bypassed/changed by an attacker through multiple paths though.
| Vendor | Product | Versions |
|---|---|---|
eCharge Hardy Barth | cPH2 / cPP2 charging stations | affected <=2.2.0 |
Weaknesses (CWE)
References
https://r.sec-consult.com/echarge
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now