WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead to privilege escalation and potentially compromise the security of the entire system.
References
Configurations
No configuration.
History
25 Jun 2026, 22:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 22:17
Updated : 2026-06-26 20:21
NVD link : CVE-2026-40702
Mitre link : CVE-2026-40702
CVE.ORG link : CVE-2026-40702
JSON object : View
Products Affected
No product.
CWE
CWE-306
Missing Authentication for Critical Function
