CVE-2024-44843 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCP…
Medium CVSS: 5.9

CVE-2024-44843

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via supplying crafted OCPP requests.
Vendor
Steve-community
Product
Steve
CWE
CWE-287
Yayın Tarihi
2025-04-15 21:15:46
Güncelleme
2025-04-25 16:48:36
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-287 Steve MEDIUM Steve-community 2025

Referanslar

https://gist.github.com/Badranh/94359664799db6d4709871f0c353f476 https://github.com/steve-community/steve/blob/master/src/main/java/de/rwth/idsg/steve/ocpp/ws/OcppWebSocketHandshakeHandler.java https://github.com/steve-community/steve/issues/1546