Wallbox Gtc Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:garo:wallbox_gtc_firmware:*:*:*:*:*:*:*:*
part: o version: * update: *
| Vendor | Garo (f8f89a3d-cb52-5925-a5e6-38382de0c36e) |
|---|---|
| Product | Wallbox Gtc Firmware (8d2d5381-0069-549f-a49d-1ebde1efdac1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-30399 |
vulnerable | 2026-06-08 06:02:44.073629 |
Details available
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
Published: 2023-05-04T00:00:00.000Z
Updated: 2025-01-29T19:21:28.249Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45878 |
vulnerable | 2026-06-08 05:36:49.518390 |
Details available
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.
Published: 2022-03-21T10:46:38.000Z
Updated: 2024-08-04T04:54:30.899Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45877 |
vulnerable | 2026-06-08 05:36:49.515858 |
Details available
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page.
Published: 2022-03-21T10:38:37.000Z
Updated: 2024-08-04T04:54:30.851Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45876 |
vulnerable | 2026-06-08 05:36:49.513504 |
Details available
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware.
Published: 2022-03-21T10:27:40.000Z
Updated: 2024-08-04T04:54:31.089Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.