Primary

Context

Mennekes Smart/Premium Charging Systems Command Injection Vulnerability in Firmware Update

Vulnerability

A command injection vulnerability has been identified in the firmware of Mennekes Smart and Premium charging stations, specifically in versions prior to 2.15. This vulnerability arises from improper neutralization of OS commands, allowing authenticated attackers to execute arbitrary commands on the underlying operating system via the firmware update interface.

Impact

Exploitation of this vulnerability allows for authenticated remote command execution on the affected charging stations.

Remediation

Users are advised to update the firmware to version 2.15 or later. The latest firmware can be downloaded from the Mennekes Software Updates page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mennekes Smart/Premium Charging Systems Command Injection Vulnerability in Firmware Update

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating