CVE-2025-3882 – eCharge Hardy Barth cPH2 Command Injection Remote Code Execution Vulnerability

May 22, 2025

CVE ID : CVE-2025-3882

Published : May 22, 2025, 1:15 a.m. | 1 hour, 44 minutes ago

Description : eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the dest parameter provided to the nwcheckexec.php endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-23114.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3484 – MedDream PACS Server DICOM File Parsing Remote Code Execution Vulnerability

Next Article CVE-2025-3881 – eCharge Hardy Barth cPH2 NTP Command Injection Remote Code Execution

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

I back up everything on this rugged 4TB SSD — here’s why I recommend it at 40% off

Token Limit – Monitor token usage in AI context files

Token Limit – Monitor token usage in AI context files

Perficient Named a 2025 Best Place to Work in Orange County!

Perficient Recognized by Leading Analyst Firm for Automotive and Mobility Expertise

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

CVE-2025-3882 – eCharge Hardy Barth cPH2 Command Injection Remote Code Execution Vulnerability

CVE-2025-20324 – Splunk Enterprise/Cloud Platform System Source Type Configuration Injection Vulnerability

CVE-2025-20325 – Splunk Enterprise and Cloud Platform Search Head Cluster Secret Key Exposure

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

CVE-2025-6854 – Chatchat-space Langchain-Chatchat Path Traversal Vulnerability

D-Spy – explore the D-Bus

10 Strumenti GNU/Linux Poco Conosciuti per Massimizzare la Produttività al Terminale

Enigmata’s Multi-Stage and Mix-Training Reinforcement Learning Recipe Drives Breakthrough Performance in LLM Puzzle Reasoning

Best Artificial Intelligence Software

Best Free and Paid AI Video Generator Tools – Compiled by India’s Human AI Srinidhi Ranganathan

CVE-2025-46618 – JetBrains TeamCity Stored XSS Vulnerability

CVE-2025-3882 – eCharge Hardy Barth cPH2 Command Injection Remote Code Execution Vulnerability

Related Posts