CVE-2025-6678 – Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure

June 25, 2025

CVE ID : CVE-2025-6678

Published : June 25, 2025, 6:15 p.m. | 24 minutes ago

Description : Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Pile API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26352.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleKDE Update Turns Off Potentially Seizure Triggering Effect

Next Article CVE-2025-6621 – TOTOLINK CA300-PoE Os Command Injection Vulnerability

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-6678 – Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

A Coding Guide for Building a Self-Improving AI Agent Using Google’s Gemini API with Intelligent Adaptation Features

CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

CVE-2025-32815 – Infoblox NETMRI Authentication Bypass Vulnerability

An innovative financial services leader finds the right AI solution: Robinhood and Amazon Nova

CVE-2025-52896 – Frappe Cross-Site Scripting (XSS) via Data Import Vulnerability

iOS 18.4 update draining your iPhone’s battery? Try these 6 fixes

Cisco patches critical security hole in Firewall Management Center – act now

CVE-2025-32354 – Zimbra Collaboration CSRF Vulnerability

CVE-2025-6678 – Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure

Related Posts