← Back

Garo

garo

5 CVEs • 8 products

Products (8)

Click to collapse
Toggle
Wallbox Gtb Firmware
wallbox_gtb_firmware
4 CVEs
Wallbox Gtc Firmware
wallbox_gtc_firmware
4 CVEs
Wallbox Glb Firmware
wallbox_glb_firmware
4 CVEs
Wallbox Glb+ T2ev7 Firmware
wallbox_glb+_t2ev7_firmware
1 CVE
Wallbox Gtb
wallbox_gtb
0 CVEs
Wallbox Gtc
wallbox_gtc
0 CVEs
Wallbox Glb
wallbox_glb
0 CVEs
Wallbox Glb+ T2ev7
wallbox_glb+_t2ev7
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-1707
1Garo
1Wallbox Glb+ T2ev7 Firmware
Feb 12, 2025
Feb 21, 2024
N/A· v4
6.1 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jsp#settings of the component Software Update Handler. The manipulation of t...Show more
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jsp#settings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254397 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-30399
1Garo
3Wallbox Glb Firmware
Wallbox Gtb FirmwareWallbox Gtc Firmware
Jan 29, 2025
May 4, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
CVE-2021-45878
1Garo
3Wallbox Glb Firmware
Wallbox Gtb FirmwareWallbox Gtc Firmware
Nov 21, 2024
Mar 21, 2022
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.
CVE-2021-45877
1Garo
3Wallbox Glb Firmware
Wallbox Gtb FirmwareWallbox Gtc Firmware
Nov 21, 2024
Mar 21, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat...Show more
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page.Show less
CVE-2021-45876
1Garo
3Wallbox Glb Firmware
Wallbox Gtb FirmwareWallbox Gtc Firmware
Nov 21, 2024
Mar 21, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is...Show more
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware.Show less