CVE-2025-54564 Information

Aug 02, 2025 cve

Description

uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression which allows command execution as the nobody user.

Reference

https://github.com/koharin/CVE/blob/main/CVE-2025-54564

CNNVD-202508-072 (Published: 2025-08-01)

Share on:

CVE-2025-54564 Information

Description

Reference

Related CNNVD