If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator.