Kehua Charging Pile Cloud Platform Improper Authentication Vulnerability

Vulnerability

A critical vulnerability has been identified in Kehua Charging Pile Cloud Platform version 1.0. This vulnerability resides in the file '/home' and is related to improper authentication, allowing remote attackers to bypass login mechanisms. The issue has been publicly disclosed, and an exploit is available.

Impact

Exploiting this vulnerability bypasses authentication, potentially leading to unauthorized access to the system.

Reproduction

To reproduce this vulnerability, navigate to the '/home' path of the Kehua Charging Pile Cloud Platform 1.0. Enter any password to bypass the login authentication. This can be done by capturing and modifying the response packets to manipulate the login process, successfully gaining access to the system as an 'admin' user.
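The weakness class described above, modeled as an added example (not code from the platform or from the original report). It assumes the bypass works because access to '/home' follows the login response instead of server-side session state, which the report does not confirm; all function names and the sample account are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed sample account for this model; not taken from the platform.
_SALT = secrets.token_bytes(16)
_USERS = {"admin": hashlib.pbkdf2_hmac("sha256", b"correct-horse", _SALT, 100_000)}
_SESSIONS = {}  # server-side session store: token -> username


def login(username, password):
    """Return (response_body, session_token); a token exists only on success."""
    stored = _USERS.get(username)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    if stored is None or not hmac.compare_digest(stored, candidate):
        return {"code": 401, "msg": "bad credentials"}, None
    token = secrets.token_urlsafe(32)
    _SESSIONS[token] = username
    return {"code": 200, "msg": "ok"}, token


def home_vulnerable(login_response):
    """Weak pattern (assumed): access follows a response body that can be edited."""
    if login_response.get("code") == 200:
        return 200, "admin dashboard"
    return 302, "/login"


def home_hardened(session_token):
    """Server consults its own session state; the response body is never trusted."""
    user = _SESSIONS.get(session_token) if session_token else None
    if user is None:
        return 302, "/login"
    return 200, f"dashboard for {user}"


def demo():
    """Failed login whose response body is altered before the access decision."""
    body, token = login("admin", "wrong-password")
    altered = dict(body, code=200)  # stands in for the modified response packet
    return home_vulnerable(altered), home_hardened(token)
```

In the hardened handler the only input that grants access is a token the server issued after verifying the password, so changing the response in transit has no effect on what '/home' returns.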

Added: Jul 31, 2025, 4:19 AM
Updated: Jul 31, 2025, 4:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.