Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EVerest has Delayed Authorization Response Bypasses Termination After RemoteStop
Vulnerability Description
EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorization response restores `authorized` back to true, defeating the `stop_transaction()` call condition on PowerOff events. As a result, the transaction can remain open even after a remote stop. Version 2026.02.0 contains a patch.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
Vulnerability Type
授权机制不正确
Vulnerability Title
EVerest 安全漏洞
Vulnerability Description
EVerest是EVerest开源的一个电动汽车充电桩的固件。 EVerest 2026.02.0之前版本存在安全漏洞,该漏洞源于RemoteStop处理期间延迟的授权响应可能恢复授权状态,导致交易在远程停止后仍保持开放。
CVSS Information
N/A
Vulnerability Type
N/A