CVE-2025-5823

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability

Description

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26351.

INFO

Published Date :

2025-06-25T18:01:07.948Z

Last Modified :

2025-06-26T13:17:04.941Z

Source :

zdi

AFFECTED PRODUCTS

The following products are affected by CVE-2025-5823 vulnerability.

Vendors	Products
Autel	Maxicharger Ac Elite Business C50 Maxicharger Ac Elite Business C50 Firmware Maxicharger Ac Pro Maxicharger Ac Pro Firmware Maxicharger Ac Ultra Maxicharger Ac Ultra Firmware Maxicharger Dc Compact Mobile Maxicharger Dc Compact Mobile Firmware Maxicharger Dc Compact Pedestal Maxicharger Dc Compact Pedestal Firmware Maxicharger Dc Fast Maxicharger Dc Fast Firmware Maxicharger Dc Hipower Maxicharger Dc Hipower Firmware Maxicharger Dh480 Maxicharger Dh480 Firmware Maxicharger Single Charger Maxicharger Single Charger Firmware

Vendors

Products

Autel

Maxicharger Ac Elite Business C50
Maxicharger Ac Elite Business C50 Firmware
Maxicharger Ac Pro
Maxicharger Ac Pro Firmware
Maxicharger Ac Ultra
Maxicharger Ac Ultra Firmware
Maxicharger Dc Compact Mobile
Maxicharger Dc Compact Mobile Firmware
Maxicharger Dc Compact Pedestal
Maxicharger Dc Compact Pedestal Firmware
Maxicharger Dc Fast
Maxicharger Dc Fast Firmware
Maxicharger Dc Hipower
Maxicharger Dc Hipower Firmware
Maxicharger Dh480
Maxicharger Dh480 Firmware
Maxicharger Single Charger
Maxicharger Single Charger Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-5823.

URL	Resource
https://www.zerodayinitiative.com/advisories/ZDI-25-341/

CVSS Vulnerability Scoring System

V3.1
V3.0

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact