Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CTEK Chargeportal Improper Restriction of Excessive Authentication Attempts
Vulnerability Description
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
CTEK Chargeportal 安全漏洞
Vulnerability Description
CTEK Chargeportal是瑞典CTEK公司的一个电动车充电管理平台。 CTEK Chargeportal存在安全漏洞,该漏洞源于WebSocket应用程序编程接口缺少对身份验证请求数量的限制,可能导致攻击者进行拒绝服务攻击或暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A