CVE-2025-52264
Description
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a stack overflow via the cgiMain function at download.cgi.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack overflow in StarCharge Artemis AC Charger's download.cgi allows authenticated network-adjacent attackers to execute arbitrary code.
A stack overflow vulnerability exists in StarCharge Artemis AC Charger 7-22 kW, version 1.0.4. The flaw is located in the cgiMain function within the download.cgi CGI interface. The software uses the Content-Length header value directly as a buffer size without proper bounds checking, leading to a stack-based buffer overflow [1].
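The defensive counterpart to the flaw described above is to validate the Content-Length value against the capacity of the destination buffer before any byte is read. The following C code is an added example, not StarCharge's code or its fix; `parse_content_length`, `read_cgi_body` and the `MAX_BODY` limit are hypothetical names and values chosen for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_BODY 4096  /* assumed policy limit, not taken from the firmware */

/* Validate a CONTENT_LENGTH string against a fixed capacity.
 * Returns 0 and stores the length, or -1 if malformed or larger than cap. */
int parse_content_length(const char *s, size_t cap, size_t *out)
{
    char *end = NULL;
    unsigned long n;

    /* strtoul() silently accepts "-1" and leading spaces, so require a digit first */
    if (s == NULL || !isdigit((unsigned char)s[0]))
        return -1;
    errno = 0;
    n = strtoul(s, &end, 10);
    if (errno == ERANGE || *end != '\0')  /* overflowed, or trailing junk */
        return -1;
    if (n > cap)                          /* the bound the vulnerable pattern lacks */
        return -1;
    *out = (size_t)n;
    return 0;
}

/* Read exactly the declared body into a caller-owned buffer of buf_size bytes,
 * reserving one byte for the terminator. Returns bytes read, or -1 on rejection. */
long read_cgi_body(const char *content_length, FILE *in, char *buf, size_t buf_size)
{
    size_t want, got;

    if (buf_size == 0 || parse_content_length(content_length, buf_size - 1, &want) != 0)
        return -1;
    got = fread(buf, 1, want, in);
    if (got != want)                      /* body shorter than declared */
        return -1;
    buf[got] = '\0';
    return (long)got;
}

int main(void)
{
    char body[MAX_BODY];
    long n = read_cgi_body(getenv("CONTENT_LENGTH"), stdin, body, sizeof body);
    if (n < 0) {                          /* reject before touching the buffer */
        fputs("Status: 400 Bad Request\r\n\r\n", stdout);
        return 0;
    }
    printf("Status: 200 OK\r\nContent-Type: text/plain\r\n\r\n%ld bytes accepted\n", n);
    return 0;
}
```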
Attack Vector
An attacker must be on the adjacent network and possess valid authentication credentials to the device's web configuration interface. The attack is executed remotely over the network. The vulnerable component is the CGI interface, and the vendor has confirmed the attack vector [1].
Impact
Successful exploitation can result in arbitrary code execution on the device. The vulnerability is classified as a buffer overflow, and its impact includes high-severity consequences such as full system compromise, as indicated by a CVSS v3 score of 8.0 [1].
Mitigation
The vendor, StarCharge, has acknowledged the vulnerability and released a fix in firmware version 1.6. Users are strongly advised to update to this version immediately to remediate the risk [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
- Range: =1.0.4
Patches (0)
No patches discovered yet.
References (2)
News mentions (0)
No linked articles in our index yet.