CVE-2025-5748

| EUVD-2025-17312 HIGH
2025-06-06 [email protected]
8.0
CVSS 3.0
Share

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 18:10 euvd
EUVD-2025-17312
Analysis Generated
Mar 14, 2026 - 18:10 vuln.today
CVE Published
Jun 06, 2025 - 16:15 nvd
HIGH 8.0

Tags

RCE Authentication Bypass IoT Level 2 Ev Charger Firmware

Description

WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tuya communications module software. The issue results from the exposure of a method allowing the upload of crafted software images to the module. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26349.

Analysis

Critical remote code execution vulnerability in WOLFBOX Level 2 EV Charger devices that exploits an exposed dangerous method in the Tuya communications module, allowing network-adjacent attackers to upload and execute arbitrary code despite authentication requirements. The authentication bypass mechanism combined with the exposed software upload functionality creates a high-severity attack path that can grant attackers complete control over affected EV charger installations. This vulnerability (formerly ZDI-CAN-26349) presents significant risk to vehicle charging infrastructure and connected IoT deployments relying on Tuya-based communication protocols.

Technical Context

The vulnerability resides in the Tuya communications module software integrated into WOLFBOX Level 2 EV Chargers. Tuya is a widely-used IoT cloud platform providing connectivity and OTA (Over-The-Air) update capabilities for smart devices. The specific flaw involves CWE-749 (Exposed Dangerous Method or Function), where a method responsible for firmware/software image uploads has been exposed without adequate access controls. The underlying issue is compounded by a secondary authentication bypass vulnerability within the Tuya module's authentication mechanism, allowing attackers to circumvent the intended privilege requirements. This combination—exposed OTA upload functionality plus authentication bypass—creates a direct path to arbitrary code execution on the device's Tuya communication subsystem and potentially the host EV charger system. The LAN-based attack vector indicates the vulnerability is exploitable from devices on the same network segment as the charger.

Affected Products

WOLFBOX Level 2 EV Charger devices with Tuya communications module software. Specific version ranges are not detailed in the provided description; however, affected installations are characterized by: (1) integration of Tuya IoT platform for device communication and OTA updates, (2) exposed OTA firmware upload methods, and (3) vulnerable authentication implementation within the Tuya module. CPE identifiers would typically follow pattern: cpe:2.3:h:wolfbox:level_2_ev_charger:*:*:*:*:*:*:*:* with software component cpe:2.3:a:tuya:tuya_communications_module:*:*:*:*:*:*:*:*. Vendor advisory details for WOLFBOX and Tuya patches are not provided in the source data and should be obtained directly from manufacturer advisories or ZDI-CAN-26349 coordination details. Organizations should contact WOLFBOX and Tuya support to determine specific affected firmware versions and available patches.

Remediation

Immediate remediation steps: (1) Check WOLFBOX and Tuya official security advisories for available firmware patches addressing CVE-2025-5748 and authentication bypass; (2) Apply vendor-provided firmware updates to all affected EV chargers immediately upon availability; (3) Network segmentation: isolate EV charger management interfaces to restricted VLANs with access controls limiting LAN exposure; (4) Disable OTA auto-update if manual update review is feasible; (5) Implement network-level monitoring for suspicious firmware upload attempts to charger devices (watch for firmware update traffic patterns); (6) Reset authentication credentials on affected devices if supported; (7) Monitor Tuya module logs for unauthorized access attempts. Long-term: replace affected devices with patched versions once vendor provides remediation, or migrate to alternative non-Tuya-dependent charger platforms if patches are unavailable. Specific patch versions and vendor advisory links must be obtained from WOLFBOX and Tuya security bulletins.

Priority Score

40
Low Medium High Critical
KEV: 0
EPSS: +0.2
CVSS: +40
POC: 0

Share

CVE-2025-5748 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy