Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total8
Critical1
High4
Medium3
Reset
Showing 1-8 of 8 records
Threat Entry Updated 2026-01-08

CVE-2026-22539 - QC 60/90/120 Plugin

As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.

PLUGIN QC 60/90/120

CVE-2026-22539

MEDIUM CVSS 5.3 2026-01-07
Open Full Technical Breakdown
Threat Entry Updated 2026-01-08

CVE-2026-22543 - QC 60/90/120 Plugin

The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials

PLUGIN QC 60/90/120

CVE-2026-22543

MEDIUM CVSS 6.9 2026-01-07
Open Full Technical Breakdown
Threat Entry Updated 2026-01-08

CVE-2026-22535 - QC 60/90/120 Plugin

An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the board that controls the MQTT communications

PLUGIN QC 60/90/120

CVE-2026-22535

HIGH CVSS 8.9 2026-01-07
Open Full Technical Breakdown
Threat Entry Updated 2026-01-08

CVE-2026-22537 - QC 60/90/120 Plugin

The lack of hardening of the system allows the user used to manage and maintain the charger to consult different files containing clear-text credentials or valuable information for an attacker.

PLUGIN QC 60/90/120

CVE-2026-22537

MEDIUM CVSS 6.8 2026-01-07
Open Full Technical Breakdown
Threat Entry Updated 2026-01-08

CVE-2026-22542 - QC 60/90/120 Plugin

An attacker with access to the system's internal network can cause a denial of service on the system by making two concurrent connections through the Telnet service.

PLUGIN QC 60/90/120

CVE-2026-22542

CRITICAL CVSS 9.2 2026-01-07
Open Full Technical Breakdown
Threat Entry Updated 2026-01-08

CVE-2026-22541 - QC 60/90/120 Plugin

The massive sending of ICMP requests causes a denial of service on one of the boards from the EVCharger that allows control the EV interfaces. Since the board must be operating correctly for the charger to also function correctly.

PLUGIN QC 60/90/120

CVE-2026-22541

HIGH CVSS 8.2 2026-01-07
Open Full Technical Breakdown
Scroll to top