← Back to CVE List

CVE-2023-29114

Published: 2024-11-05T15:15Z
Last Modified: 2024-11-05T17:15Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
System logs could be accessed through web management application due to a lack of access control. An attacker can obtain the following sensitive information: • Wi-Fi access point credentials to which the EV charger can connect. • APN web address and credentials. • IPSEC credentials. • Web interface access credentials for user and admin accounts. • JuiceBox system components (software installed, model, firmware version, etc.). • C2G configuration details. • Internal IP addresses. • OTA firmware update configurations (DNS servers). All the credentials are stored in logs in an unencrypted plaintext format. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt