.. / CVE-2023-46359

Exploit for cPH2 Charging Station v1.87.0 - OS Command Injection (CVE-2023-46359)

Description:

An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.

Nuclei Template

View the template here CVE-2023-46359.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-46359.yaml
Copy

References:

https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/
http://hardy.com
https://github.com/fkie-cad/nvd-json-data-feeds
https://nvd.nist.gov/vuln/detail/CVE-2023-46359
https://github.com/d4n-sec/d4n-sec.github.io