Description

The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The ocpp1.5 and pwrstudio binaries on the charging station do not use a number of common exploitation mitigations. In particular, there are no stack canaries and they do not use the Position Independent Executable (PIE) format.

INFO

Published Date :

2024-04-12T00:00:00.000Z

Last Modified :

2025-11-04T18:14:15.734Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2020-8006 vulnerability.

Vendors Products
Circontrol
  • Raption Server
REFERENCES

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact