Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CHARX SEC-3000 — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in CHARX SEC-3000, with AI-generated Chinese analysis, references, and POCs.

Vendor: PHOENIX CONTACT

CVE IDTitleCVSSSeverityPublished
CVE-2024-11497 Phoenix Contact: CHARX-SEC3xxx Charge controllers vulnerable to privilege escalation CWE-732 8.8 High2025-01-14
CVE-2024-6788 Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password CWE-1392 8.6 High2024-08-13
CVE-2024-28137 PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series CWE-367 7.8 High2024-05-14
CVE-2024-28136 PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service CWE-77 7.8 High2024-05-14
CVE-2024-28135 PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series CWE-77 5.0 Medium2024-05-14
CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series CWE-319 7.0 High2024-05-14
CVE-2024-28133 PHOENIX CONTACT: Privilege escalation in CHARX Series CWE-426 7.8 High2024-05-14
CVE-2024-26288 PHOENIX CONTACT: Lack of SSL support in CHARX Series CWE-319 8.7 High2024-03-12
CVE-2024-26005 PHOENIX CONTACT: Privilege gain through incomplete cleanup in CHARX Series CWE-459 4.8 Medium2024-03-12
CVE-2024-26004 PHOENIX CONTACT: DoS of a control agent due to access of a uninitialized pointer in CHARX Series CWE-824 7.5 High2024-03-12
CVE-2024-26003 PHOENIX CONTACT: DoS of the control agent in CHARX Series CWE-125 7.5 High2024-03-12
CVE-2024-26002 PHOENIX CONTACT: File ownership manipulation in CHARX Series CWE-20 7.8 High2024-03-12
CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access CWE-787 7.4 High2024-03-12
CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access CWE-125 5.9 Medium2024-03-12
CVE-2024-25999 PHOENIX CONTACT: Privilege escalation in the OCPP agent service CWE-20 8.4 High2024-03-12
CVE-2024-25998 PHOENIX CONTACT: Command injection in the OCPP Service CWE-77 7.3 High2024-03-12
CVE-2024-25997 PHOENIX CONTACT: Log injection in CHARX Series CWE-20 5.3 Medium2024-03-12
CVE-2024-25996 PHOENIX CONTACT: Remote code execution due to an origin validation error in CHARX Series CWE-346 5.3 Medium2024-03-12
CVE-2024-25995 PHOENIX CONTACT: Remote code execution in CHARX Series CWE-20 9.8 Critical2024-03-12
CVE-2024-25994 PHOENIX CONTACT: Unintended script file upload in CHARX Series CWE-434 5.3 Medium2024-03-12

All 20 known CVE vulnerabilities affecting CHARX SEC-3000 with full Chinese analysis, references, and POCs where available.