CVE-2020-8007 Information

Description

The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0 ntpserver1 and pingip.

Reference

https://circontrol.com/intelligent-charging-solutions/dc-chargers-series/raption-150/ https://seclists.org/fulldisclosure/2024/Mar/33