CVE-2026-26305: CWE-307 in Mobility46 mobility46.se
CVE-2026-26305 is a high-severity vulnerability in the WebSocket API of Mobility46's mobility46.se platform, affecting all versions. The vulnerability stems from the lack of rate limiting on authentication requests: an attacker can flood the endpoint with authentication attempts and so disrupt legitimate charger telemetry (denial of service), or use the same unlimited attempt budget to brute-force charger credentials. Exploitation requires no authentication or user interaction and can be carried out remotely over the network. No exploits are currently reported in the wild, but the vulnerability poses a significant risk to the availability of services that rely on this platform. Organizations using mobility46.se for charger telemetry or related services should prioritize mitigation to prevent service disruption and unauthorized access. The published score credits only the availability impact; confidentiality and integrity are not scored, so the brute-force path is a secondary risk whose realism depends on how guessable the charger credentials are. Countries with significant adoption of electric vehicle infrastructure and Mobility46 products, especially in Europe and North America, are the most exposed. Immediate mitigation should include rate limiting on authentication requests, monitoring for abnormal request patterns, and applying vendor patches once available.
AI Analysis
Technical Summary
CVE-2026-26305 is a vulnerability identified in the WebSocket API of the Mobility46 platform (mobility46.se), which is used for managing charger telemetry. The core issue is the absence of any restriction on the number of authentication requests that can be made over the WebSocket interface. Because every attempt is verified with no counting, delay or lockout, an attacker can flood the endpoint with authentication frames, which can lead to denial-of-service conditions by suppressing or mis-routing legitimate telemetry data from chargers. The same unlimited attempt budget enables brute-force guessing of charger credentials; whether that path is practical depends on the entropy of the credentials, which the advisory does not describe. The vulnerability affects all versions of the product and can be exploited remotely without prior authentication or user interaction. The CVSS v3.1 base score is 7.5, which corresponds to a network-reachable, low-complexity, unauthenticated, no-interaction issue with high availability impact and no scored confidentiality or integrity impact. While no public exploits have been reported, the vulnerability's characteristics make it a credible threat to organizations relying on Mobility46's infrastructure for telemetry and charging operations. The CWE-307 classification (Improper Restriction of Excessive Authentication Attempts) names the missing control directly: a common oversight in machine-to-machine APIs, where device clients are expected to re-authenticate automatically and rate limiting is often left to a gateway that may not be in the path of a persistent WebSocket.
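To make the CWE-307 pattern concrete, the following added example (not Mobility46 code; the frame shape `{"type": "auth", "charger_id": ..., "token": ...}`, the credential store, the handler classes and the IP addresses are all assumptions made for illustration) places a handler that verifies every authentication frame unconditionally beside one that enforces a sliding-window cap per source IP and per charger ID plus a temporary lockout after repeated bad tokens, then pushes the same guess list through both:

```python
"""Vulnerable vs. rate-limited handling of WebSocket authentication frames (CWE-307).

Added illustration, not Mobility46 code. The frame shape
{"type": "auth", "charger_id": ..., "token": ...}, the credential store and the
handler classes are assumptions made for the example.
"""
import hmac
import time
from collections import defaultdict, deque

# Constructed credential store for the demo: charger_id -> shared secret (not real values).
CREDENTIALS = {"CHG-0001": "s3cret-0001", "CHG-0002": "s3cret-0002"}


def check_token(charger_id, token):
    """Constant-time comparison against the stored secret; unknown IDs fail closed."""
    secret = CREDENTIALS.get(charger_id)
    return secret is not None and hmac.compare_digest(secret.encode(), token.encode())


class FakeClock:
    """Deterministic monotonic clock so the demo runs offline and reproducibly."""
    def __init__(self, start=1000.0):
        self.t = start
    def __call__(self):
        return self.t
    def advance(self, seconds):
        self.t += seconds


class VulnerableAuthHandler:
    """CWE-307 pattern: every auth frame is verified immediately; nothing counts,
    delays or locks, so guesses arrive as fast as the socket can carry them."""
    def handle(self, peer_ip, frame):
        if frame.get("type") != "auth":
            return {"type": "error", "reason": "unauthenticated"}
        ok = check_token(str(frame.get("charger_id", "")), str(frame.get("token", "")))
        return {"type": "auth_result", "ok": ok}


class RateLimitedAuthHandler:
    """Sliding-window attempt cap per source IP and per charger_id (limits the flood
    that starves legitimate telemetry) plus a temporary lockout of a charger_id after
    repeated bad tokens (limits brute force against one device's credential)."""
    def __init__(self, max_attempts=5, window_seconds=60,
                 max_failures=10, lockout_seconds=900, clock=time.monotonic):
        self.max_attempts, self.window_seconds = max_attempts, window_seconds
        self.max_failures, self.lockout_seconds = max_failures, lockout_seconds
        self.clock = clock
        self.attempts = defaultdict(deque)   # key -> timestamps of recent attempts
        self.failures = defaultdict(int)     # charger_id -> consecutive failures
        self.locked_until = {}               # charger_id -> clock time the lock expires

    def _over_limit(self, key, now):
        q = self.attempts[key]
        while q and now - q[0] > self.window_seconds:   # drop attempts outside the window
            q.popleft()
        if len(q) >= self.max_attempts:
            return True
        q.append(now)
        return False

    def handle(self, peer_ip, frame):
        if frame.get("type") != "auth":
            return {"type": "error", "reason": "unauthenticated"}
        now = self.clock()
        charger_id = str(frame.get("charger_id", ""))
        # Locked IDs are refused before any secret lookup, so enforcing the lock is cheap.
        if self.locked_until.get(charger_id, 0) > now:
            return {"type": "auth_result", "ok": False, "reason": "locked",
                    "retry_after": int(self.locked_until[charger_id] - now)}
        if self._over_limit(("ip", peer_ip), now) or self._over_limit(("id", charger_id), now):
            return {"type": "auth_result", "ok": False, "reason": "rate_limited",
                    "retry_after": self.window_seconds}
        if check_token(charger_id, str(frame.get("token", ""))):
            self.failures[charger_id] = 0
            return {"type": "auth_result", "ok": True}
        self.failures[charger_id] += 1
        if self.failures[charger_id] >= self.max_failures:
            self.locked_until[charger_id] = now + self.lockout_seconds
            self.failures[charger_id] = 0
        return {"type": "auth_result", "ok": False, "reason": "bad_credentials"}


def simulate_brute_force(handler, peer_ip, charger_id, guesses):
    """Push token guesses through a handler from one source.
    Returns (guesses_actually_verified, guesses_refused_without_verification, success)."""
    verified = refused = 0
    success = False
    for guess in guesses:
        r = handler.handle(peer_ip, {"type": "auth", "charger_id": charger_id, "token": guess})
        if r.get("reason") in ("rate_limited", "locked"):
            refused += 1
        else:
            verified += 1
            success = success or r["ok"]
    return verified, refused, success


if __name__ == "__main__":
    guesses = [f"guess-{i}" for i in range(50)] + ["s3cret-0001"]   # the secret is the 51st try
    print("vulnerable  :", simulate_brute_force(VulnerableAuthHandler(), "203.0.113.9", "CHG-0001", guesses))
    print("rate-limited:", simulate_brute_force(RateLimitedAuthHandler(clock=FakeClock()), "203.0.113.9", "CHG-0001", guesses))
```

Against the vulnerable handler all 51 guesses are verified and the last one succeeds; against the rate-limited handler only the first five reach the credential check and the rest are refused without touching the secret. Two design points matter in practice: the per-IP cap is the control that protects availability, because it bounds the verification work one source can force, while the per-charger-ID lockout protects against brute force but can itself be abused to lock a legitimate charger out, so it should be short and secondary to the per-source limit.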
Potential Impact
The primary impact of CVE-2026-26305 is on the availability of services provided by the Mobility46 platform. By enabling denial-of-service attacks through unrestricted authentication requests, attackers can disrupt the flow of charger telemetry data, which may lead to operational outages or degraded service quality. This disruption can affect electric vehicle charging infrastructure, potentially causing downtime or incorrect telemetry reporting. Separately, the unlimited attempt budget makes brute-force credential guessing possible; if a charger credential were recovered this way, an attacker could submit telemetry or interact with the platform as that charger, an outcome the published score does not credit and whose likelihood depends on credential strength. For organizations worldwide, especially those managing large-scale EV charging networks or relying on Mobility46's platform for telemetry, this vulnerability could result in operational interruptions, financial losses, and reputational damage. The ease of remote exploitation without authentication or user interaction further elevates the risk, making it a significant concern for infrastructure resilience.
Mitigation Recommendations
To mitigate CVE-2026-26305 effectively, organizations should implement strict rate limiting on authentication requests at the WebSocket API level, keyed at least by source address and by the identity being authenticated, so that excessive attempts are refused before the credential check runs. Because a WebSocket is a long-lived connection, a gateway or Web Application Firewall that only counts HTTP requests may see one upgrade request and none of the authentication frames that follow; the throttle must apply per frame, either in the application or in a gateway that inspects WebSocket traffic. Monitoring authentication logs and telemetry data for unusual spikes or repeated failed attempts is crucial for early detection of attack attempts. Organizations should also enforce strong authentication policies: multi-factor authentication where human users log in, and for charger (machine) clients per-device high-entropy credentials or mutual TLS, so that no feasible number of guesses can succeed. Lockout-style controls keyed on the charger identity should be short-lived and secondary to per-source throttling, since an attacker who knows a charger ID could otherwise use the lockout to deny service to that charger. Network segmentation and limiting exposure of the WebSocket API to trusted networks can reduce the attack surface. Since no official patches are currently available, maintaining close communication with Mobility46 for updates and applying vendor patches promptly once released is essential. Finally, conducting regular security assessments and penetration testing focused on authentication mechanisms can help identify and remediate similar issues proactively.
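The monitoring recommendation above can be turned into a concrete detection. The following added example (not Mobility46 tooling; the log line format `<ISO-8601 timestamp> ws_auth src=<ip> charger=<id> result=<ok|fail|rate_limited>`, the thresholds and the sample records are assumptions constructed for illustration) parses such a log and raises two alerts per source: a failed-authentication flood against the endpoint, and one source walking through many charger IDs, which is the shape an enumeration or credential spray would leave even when each ID sees only a few attempts:

```python
"""Flag authentication floods against a WebSocket endpoint from its auth log.

Added illustration, not Mobility46 tooling. The log line format is an assumption
constructed for the example:
  <ISO-8601 timestamp> ws_auth src=<ip> charger=<id> result=<ok|fail|rate_limited>
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(
    r"^(?P<ts>\S+) ws_auth src=(?P<src>\S+) charger=(?P<charger>\S+) result=(?P<result>\w+)$"
)


def parse_line(line):
    """Return a dict for a well-formed line, None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
    return ev


def detect_auth_floods(lines, window=timedelta(seconds=60), fail_threshold=20, spray_threshold=5):
    """Two detections over a per-source sliding window:
      bruteforce: >= fail_threshold non-ok results from one src within `window`
      spray:      one src authenticating as >= spray_threshold distinct charger IDs within `window`
    Returns [(kind, src, ts, detail)], at most one alert per (kind, src).
    Lines for a given source are assumed to arrive in time order."""
    fails = defaultdict(deque)    # src -> timestamps of failed attempts
    ids = defaultdict(deque)      # src -> (timestamp, charger_id) of all attempts
    alerts, fired = [], set()
    secs = int(window.total_seconds())
    for line in lines:
        ev = parse_line(line)
        if ev is None:            # malformed records are skipped, not fatal
            continue
        src, ts = ev["src"], ev["ts"]
        if ev["result"] != "ok":
            q = fails[src]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) >= fail_threshold and ("bruteforce", src) not in fired:
                fired.add(("bruteforce", src))
                alerts.append(("bruteforce", src, ts, f"{len(q)} failed auths in {secs}s"))
        q = ids[src]
        q.append((ts, ev["charger"]))
        while ts - q[0][0] > window:
            q.popleft()
        distinct = {c for _, c in q}
        if len(distinct) >= spray_threshold and ("spray", src) not in fired:
            fired.add(("spray", src))
            alerts.append(("spray", src, ts, f"{len(distinct)} distinct charger IDs in {secs}s"))
    return alerts


def build_sample_log():
    """Constructed sample: one legitimate charger re-authenticating, one flood against
    a single charger ID, one source walking through charger IDs, and one malformed line."""
    base = datetime(2026, 2, 27, 0, 0, 0, tzinfo=timezone.utc)
    t = lambda s: (base + timedelta(seconds=s)).isoformat()
    lines = [f"{t(10 * i)} ws_auth src=198.51.100.20 charger=CHG-0002 result=ok" for i in range(6)]
    lines += [f"{t(i)} ws_auth src=203.0.113.9 charger=CHG-0001 result=fail" for i in range(25)]
    lines += [f"{t(5 * i)} ws_auth src=203.0.113.77 charger=CHG-{i + 1:04d} result=fail" for i in range(6)]
    lines.append("not an auth record")
    return lines


if __name__ == "__main__":
    for kind, src, ts, detail in detect_auth_floods(build_sample_log()):
        print(f"{ts.isoformat()} {kind:<10} src={src} {detail}")
```

On the constructed sample this yields one `bruteforce` alert for 203.0.113.9 and one `spray` alert for 203.0.113.77, and nothing for the legitimate charger. The thresholds are placeholders; a real deployment should set them from the observed re-authentication rate of its own charger fleet, and once rate limiting is in place the `rate_limited` result should be counted as a failure here too, because a throttled flood still indicates an attack in progress.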
Affected Countries
United States, Germany, Netherlands, France, United Kingdom, Canada, Norway, Sweden, Denmark, China, South Korea
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2026-02-24T00:35:18.457Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69a0ebae32ffcdb8a293f32c
Added to database: 2/27/2026, 12:56:14 AM
Last enriched: 2/27/2026, 1:11:10 AM
Last updated: 2/27/2026, 2:12:45 AM
Related Threats
- CVE-2026-3274: Buffer Overflow in Tenda F453 (High)
- CVE-2026-3037: CWE-78 in Copeland Copeland XWEB 300D PRO (High)
- CVE-2026-25721: CWE-78 in Copeland Copeland XWEB 300D PRO (High)
- CVE-2026-25196: CWE-78 in Copeland Copeland XWEB 300D PRO (High)
- CVE-2026-25105: CWE-78 in Copeland Copeland XWEB 300D PRO (High)