CVE-2025-8348
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as critical. This vulnerability affects unknown code of the file /home. The manipulation leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kehua | charging_pile_cloud_platform | 1.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Kehua Charging Pile Cloud Platform 1.0 involves improper authentication due to an issue in the /home file. It allows an attacker to remotely exploit the system without needing prior authentication, potentially bypassing security controls.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to the system, potentially allowing attackers to compromise confidentiality, integrity, and availability of the affected platform. Since it can be exploited remotely without authentication, it poses a significant security risk.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70