{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T22:45:14.595","vulnerabilities":[{"cve":{"id":"CVE-2025-48416","sourceIdentifier":"551230f0-3615-47bd-b7cc-93e92e730bbf","published":"2025-05-21T13:16:02.947","lastModified":"2026-06-17T09:29:37.093","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the \"/etc/shadow\" file in the firmware image for the \"root\" user. However, in the default SSH configuration the \"PermitRootLogin\" is disabled, preventing the root user from logging in via SSH. This configuration can be bypassed/changed by an attacker through multiple paths though."},{"lang":"es","value":"Un demonio OpenSSH escucha en el puerto TCP 22. Hay una entrada incluida en el archivo «/etc/shadow» en la imagen del firmware para el usuario «root». Sin embargo, en la configuración SSH por defecto el «PermitRootLogin» está desactivado, impidiendo que el usuario root inicie sesión a través de SSH. No obstante, esta configuración puede ser evitada/cambiada por un atacante de múltiples formas."}],"affected":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","affectedData":[{"vendor":"eCharge Hardy Barth","product":"cPH2 / cPP2 charging stations","defaultStatus":"affected","versions":[{"version":"<=2.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-30T16:24:30.804367Z","id":"CVE-2025-48416","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","description":[{"lang":"en","value":"CWE-912"}]}],"references":[{"url":"https://r.sec-consult.com/echarge","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"http://seclists.org/fulldisclosure/2025/May/23","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}