Primary

Context

Autel MaxiCharger AC Wallbox Commercial Dangerous Method Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing remote information disclosure has been identified in the Autel MaxiCharger AC Wallbox Commercial EV chargers. This issue arises from an exposed dangerous method in the Autel Technician API, which can be exploited to reveal sensitive information, including credentials, on affected installations. Authentication is required to exploit this vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized disclosure of sensitive information, including credentials, which could be used for further compromise.

Remediation

Users can update to version 1.39.51 for American Standard or 1.56.51 for European Standard to address this vulnerability.

Added: Jun 25, 2025, 7:58 PM

Updated: Jun 25, 2025, 7:58 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Autel MaxiCharger AC Wallbox Commercial Dangerous Method Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating