Primary

Context

Autel MaxiCharger AC Wallbox Commercial Missing Authentication Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in the Autel MaxiCharger AC Wallbox Commercial charging stations, allowing remote attackers to access sensitive information without authentication. The issue arises in the Pile API, where the absence of authentication enables attackers to exploit the functionality and potentially disclose credentials, leading to further compromise.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information, including credentials, which could be used for further exploitation or compromise of the affected system.

Remediation

Users can update to American Standard V1.39.51 or European Standard V1.56.51 to address this vulnerability.

Added: Jun 25, 2025, 7:29 PM

Updated: Jun 25, 2025, 7:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Autel MaxiCharger AC Wallbox Commercial Missing Authentication Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating