CVE-2025-5824 – Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass

June 25, 2025

CVE ID : CVE-2025-5824

Published : June 25, 2025, 6:15 p.m. | 24 minutes ago

Description : Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Wallbox Commercial. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.

The specific flaw exists within the handling of bluetooth pairing requests. The issue results from insufficient validation of the origin of commands. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26353.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5826 – Autel MaxiCharger AC Wallbox Commercial BLE Command Injection Vulnerability

Next Article CVE-2025-5830 – Autel MaxiCharger AC Wallbox Commercial Heap-based Buffer Overflow Remote Code Execution Vulnerability

Highlights

CVE-2025-27524 – Hitachi JP1/IT Desktop Management 2 – Smart Device Manager Weak Encryption Vulnerability

May 15, 2025

CVE ID : CVE-2025-27524

Published : May 15, 2025, 7:15 a.m. | 1 hour, 31 minutes ago

Description : Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 – Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 – Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

The next big HDMI leap has arrived – here’s how these 16K cables will shake things up

Here’s how you can still trade in any phone at Verizon to get an iPhone, iPad, and Apple Watch free

Anthropic has a plan to combat AI-triggered job losses predicted by its CEO

Forget Google and Microsoft: OpenAI may be building the ultimate work suite of apps and services

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Now EAC Error 20006 in Elden Ring: Nightreign [6 Easy Tricks]

Fix Now Elden Ring Nightreign EAC Error 30005 (CreateFile Failed)

CVE-2025-5824 – Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass

Sense: ParrotCTF

CVE-2025-5304 – PT Project Notebooks WordPress Privilege Escalation

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

Microsoft 50th Anniversary Copilot Event LIVE: The latest AI announcements from Redmond

Warner Bros. latest earnings are dire for gaming, but A Minecraft Movie is a shining light

CVE-2025-48370 – Supabase Auth URL Path Traversal Vulnerability

CVE-2025-27524 – Hitachi JP1/IT Desktop Management 2 – Smart Device Manager Weak Encryption Vulnerability

SasView is a SAS analysis application

Xbox and Netflix’s Gears of War movie has a director

CSS Carousels

CVE-2025-5824 – Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass

Related Posts