Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-5751

WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of management cards. The issue results from the lack of personalization of management cards. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26292.

Published

2025-06-06T16:15:30.413

Last Modified

2025-08-14T15:25:26.630

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	wolfbox	level_2_ev_charger_firmware	3.1.17	Yes
Hardware	wolfbox	level_2_ev_charger	-	No

References

https://www.zerodayinitiative.com/advisories/ZDI-25-330/ Third Party Advisory ([email protected])