An issue exists in Dalmann OCPP.Core prior to 1.2.0 for OCPP (Open Charge Point Protocol) for electric vehicles. It does not validate the length of the chargePointVendor field in a BootNotification message, potentially leading to server instability and a denial of service when processing excessively large inputs. NOTE: the vendor's perspective is "OCPP.Core is intended for use in a protected environment/network."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dallmann-consulting open charge point protocol |