From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Vulnerability Description**: - First vulnerability: An issue in the Web Configuration module allows authenticated, network-adjacent attackers to upload malicious firmware, leading to arbitrary code execution. - Second vulnerability: A stack overflow vulnerability in the `download.cgi` function, triggered by using the Content-Length value as buffer size. - Third vulnerability: Contains a hard-coded AES key, enabling attackers to forge or decrypt valid login tokens. 2. **Vulnerability Type**: - Buffer Overflow - Hard-coded Cryptographic Key 3. **Affected Products and Components**: - Product: StarCharge Artemis AC Charger 7-22 kW v1.0.4 - Components: Web config Interface, CGI Interface 4. **Attack Type and Vector**: - Attack Type: Remote - Attack Vector: Adjacent network, Network-adjacent 5. **Impact**: - Code execution - Escalation of Privileges - Bypass authentication 6. **Reference Links**: - [https://www.starcharge.com/product/artemis/](https://www.starcharge.com/product/artemis/) 7. **Confirmation Status**: - Vendor has confirmed or acknowledged the vulnerability: true 8. **Discoverers**: - Hà Toàn, Tông Thế Bảo, Trần Văn Quốc, Ngọc Hiếu of VinFast 9. **CVE Identifiers**: - CVE-2025-52263 - CVE-2025-52264 - CVE-2025-52268