CVE-2023-49958 Information

Description

An issue was discovered in Dalmann OCPP.Core through 1.2.0 for OCPP (Open Charge Point Protocol) for electric vehicles. The server processes mishandle StartTransaction messages containing additional arbitrary properties or duplicate properties. The last occurrence of a duplicate property is accepted. This could be exploited to alter transaction records or impact system integrity.

Reference

https://github.com/dallmann-consulting/OCPP.Core/issues/36