VYPR
Medium severity5.7NVD Advisory· Published Nov 5, 2024· Updated Jun 17, 2026

CVE-2023-29114

CVE-2023-29114

Description

System logs could be accessed through web management application due to a lack of access control.

An attacker can obtain the following sensitive information:

•     Wi-Fi access point credentials to which the EV charger can connect.

•     APN web address and credentials.

•     IPSEC credentials.

•     Web interface access credentials for user and admin accounts.

•     JuiceBox system components (software installed, model, firmware version, etc.).

•     C2G configuration details.

•     Internal IP addresses.

•     OTA firmware update configurations (DNS servers).

All the credentials are stored in logs in an unencrypted plaintext format.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.