CVE-2025-27804 | eCharge Hardy Barth cPH2 Charging Station/cPP2 Charging Station up to 2.2.0 MQTT Message /var/salia/mqtt.php os command injection

May 21, 2025 Yanac

A vulnerability, which was classified as critical, has been found in eCharge Hardy Barth cPH2 Charging Station and cPP2 Charging Station up to 2.2.0. Affected by this issue is some unknown functionality of the file /var/salia/mqtt.php of the component MQTT Message Handler. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2025-27804. Access to the local network is required for this attack to succeed. There is no exploit available.VulDB Recent EntriesRead More